CVE-2023-2788

Deactivated user can retain access using oauth2 api

CVSS 6.2 (MEDIUM) · EPSS 0.5% · CWE-862
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.2 · EPSS 0.5% · KEV: no · PoC · Nuclei · Metasploit · Patch
Lifecycle
16 Jun 2023: Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Mattermost fails to check whether an admin user account is still active after an OAuth2 flow has been started. This allows an attacker with admin privileges to retain persistent access to Mattermost by obtaining an OAuth2 access token while the attacker's account is deactivated.
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
Affected products
Mattermost · Mattermost
