Vulnerabilities > CVE-2021-22892 - Information Exposure Through Discrepancy vulnerability in Rocket.Chat

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
rocket-chat
CWE-203

Summary

An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 & v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks.

Vulnerable Configurations

Part Description Count
Application
Rocket.Chat
499

Common Weakness Enumeration (CWE)