Mattermost fails to redact from audit logs the user password during user creation and the user password hash in other operations if the experimental audit logging configuration was enabled (ExperimentalAuditSettings section in config).
References
Link | Resource |
---|---|
https://mattermost.com/security-updates/ | Vendor Advisory |
https://mattermost.com/security-updates/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:39
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
References | () https://mattermost.com/security-updates/ - Vendor Advisory |
Information
Published : 2023-04-17 15:15
Updated : 2024-11-21 07:39
NVD link : CVE-2023-1831
Mitre link : CVE-2023-1831
CVE.ORG link : CVE-2023-1831
JSON object : View
Products Affected
mattermost
- mattermost_server