CVE-2023-45316

Summary

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/<telem_run_id> as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack.

Affected Software

VendorProductVersion RangeStatus
MattermostMattermost0 <= 9.1.2affected
MattermostMattermost0 <= 9.0.3affected
MattermostMattermost0 <= 8.1.5affected
MattermostMattermost0 <= 7.8.14affected
MattermostMattermost0 <= 9.2.1affected
MattermostMattermost8.1.6unaffected
MattermostMattermost9.0.4unaffected
MattermostMattermost9.1.3unaffected
MattermostMattermost9.2.2unaffected
MattermostMattermost7.8.15unaffected

Weaknesses

  • CWE-352: CWE-352: Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References