CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23911
https://notcve.org/view.php?id=CVE-2023-23911
An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room. • https://hackerone.com/reports/1757663 • CWE-284: Improper Access Control CWE-326: Inadequate Encryption Strength •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23917
https://notcve.org/view.php?id=CVE-2023-23917
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may increase the impact of XSS to RCE which is dangerous for self-hosted users as well. • https://hackerone.com/reports/1631258 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-32211
https://notcve.org/view.php?id=CVE-2022-32211
A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret. Se presenta una vulnerabilidad de inyección SQL en Rocket.Chat versiones anteriores a v3.18.6, versiones anteriores a v4.4.4 y versiones anteriores a v4.7.3, que puede permitir a un atacante recuperar un token de restablecimiento de contraseña a mediante un secreto 2fa. • https://hackerone.com/reports/1581059 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32217
https://notcve.org/view.php?id=CVE-2022-32217
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs. Se presenta un almacenamiento en texto sin cifrar de información confidencial en Rocket.Chat versiones anteriores a v4.6.4, debido a que el token Oauth es filtrado en texto plano en los registros de Rocket.chat. • https://hackerone.com/reports/1394399 • CWE-312: Cleartext Storage of Sensitive Information CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32220
https://notcve.org/view.php?id=CVE-2022-32220
An information disclosure vulnerability exists in Rocket.Chat <v5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room. Se presenta una vulnerabilidad de divulgación de información en Rocket.Chat versiones anteriores a v5 debido a que el método del servidor meteorológico getUserMentionsByChannel divulga mensajes de canales privados y mensajes directos sin tener en cuenta el permiso de acceso de los usuarios a la sala. • https://hackerone.com/reports/1410246 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •