4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-6202

GHSA ID

GHSA-85jj-c9jr-9jhx

EPSS Score

0.3965%

CWE

CWE-284

Published

11/27/2023

Updated

11/28/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-6202

CVE-2023-6202: Mattermost Improper Access Control vulnerability

Mattermost fails to perform proper authorization in the /plugins/focalboard/api/v2/users endpoint allowing an attacker who is a guest user and knows the ID of another user to get their information (e.g. name, surname, nickname) via Mattermost Boards.

(GitHub Advisory)

4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-6202

GHSA ID

GHSA-85jj-c9jr-9jhx

EPSS Score

0.3965%

CWE

CWE-284

Published

11/27/2023

Updated

11/28/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/mattermost/mattermost/server/v8	go	>= 9.1.0, < 9.1.1	9.1.1
github.com/mattermost/mattermost/server/v8	go	>= 9.0.0, < 9.0.2	9.0.2
github.com/mattermost/mattermost/server/v8	go	< 8.1.4	8.1.4
github.com/mattermost/mattermost-server/v6	go	< 7.8.13	7.8.13

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description explicitly identifies the /plugins/focalboard/api/v2/users endpoint as the attack vector. In typical Go web service patterns:

HTTP handler functions are directly responsible for request authorization
The vulnerability pattern matches missing permission checks before user data retrieval
The CWE-284 classification confirms this is an access control issue at the endpoint handler level
The affected versions' patch notes suggest authorization was added to this endpoint While exact function names aren't provided, the standard implementation would require a handler function like handleGetUser to process user retrieval requests, which would be responsible for performing authorization checks before returning sensitive user data.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

M*tt*rmost **ils to p*r*orm prop*r *ut*oriz*tion in t** `/plu*ins/*o**l*o*r*/*pi/v*/us*rs` *n*point *llowin* *n *tt**k*r w*o is * *u*st us*r *n* knows t** I* o* *not**r us*r to **t t**ir in*orm*tion (*.*. n*m*, surn*m*, ni*kn*m*) vi* M*tt*rmost *o*r*

Reasoning

T** vuln*r**ility **s*ription *xpli*itly i**nti*i*s t** /plu*ins/*o**l*o*r*/*pi/v*/us*rs *n*point *s t** *tt**k v**tor. In typi**l *o w** s*rvi** p*tt*rns: *. *TTP **n*l*r *un*tions *r* *ir**tly r*sponsi*l* *or r*qu*st *ut*oriz*tion *. T** vuln*r**il

4.3

Basic Information

Concerned about an active attack path?

CVE-2023-6202: Mattermost Improper Access Control vulnerability

4.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI