CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-20881
https://notcve.org/view.php?id=CVE-2019-20881
An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks against MFA. Se detectó un problema en Mattermost Server versiones anteriores a 5.8.0. Maneja inapropiadamente los ataques de fuerza bruta contra MFA • https://mattermost.com/security-updates • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20880
https://notcve.org/view.php?id=CVE-2019-20880
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows attackers to cause a denial of service (memory consumption) via OpenGraph. Se detectó un problema en Mattermost Server versiones anteriores a 5.8.0, 5.7.2, 5.6.5 y 4.10.7. Permite a atacantes causar una denegación de servicio (consumo de la memoria) por medio de OpenGraph • https://mattermost.com/security-updates • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20878
https://notcve.org/view.php?id=CVE-2019-20878
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Changes, within the application, to e-mail addresses are mishandled. Se detectó un problema en Mattermost Server versiones anteriores a 5.9.0, 5.8.1, 5.7.3 y 4.10.8. Cambios, dentro de la aplicación, en unas direcciones de correo electrónico son manejados inapropiadamente • https://mattermost.com/security-updates •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20879
https://notcve.org/view.php?id=CVE-2019-20879
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. Changes to e-mail addresses do not require credential re-entry. Se detectó un problema en Mattermost Server versiones anteriores a 5.8.0, 5.7.2, 5.6.5 y 4.10.7. Los cambios en las direcciones de correo electrónico no requieren el reingreso de credenciales • https://mattermost.com/security-updates • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2019-20877
https://notcve.org/view.php?id=CVE-2019-20877
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information about whether someone has 2FA enabled. Se detectó un problema en Mattermost Server versiones anteriores a 5.9.0, 5.8.1, 5.7.3 y 4.10.8. Permite a atacantes obtener información confidencial sobre si alguien presenta 2FA habilitado • https://mattermost.com/security-updates •