CVE-2023-48369

Summary

Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log.

Affected Software

VendorProductVersion RangeStatus
MattermostMattermost0 <= 7.8.12affected
MattermostMattermost0 <= 8.1.3affected
MattermostMattermost0 <= 9.0.1affected
MattermostMattermost0 <= 9.1.0affected
MattermostMattermost9.0.2unaffected
MattermostMattermost9.1.1unaffected
MattermostMattermost7.8.13unaffected
MattermostMattermost8.1.4unaffected

Weaknesses

  • CWE-400: CWE-400: Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

References