CVE-2023-5339

Mattermost Desktopfails to set an appropriate log level during initial run after fresh installationresulting in logging all keystrokesincluding password entrybeing logged.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.7 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
MattermostCNA
4.7 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
VendorProductVersion
mattermostmattermost_desktop
𝑥
≤ 5.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://mattermost.com/security-updates
https://mattermost.com/security-updates