Vulnerabilities > Mattermost > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-19 | CVE-2017-18917 | Use of Password Hash With Insufficient Computational Effort vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. | 7.5 |
| 2020-06-19 | CVE-2017-18906 | Improper Authentication vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2, when Single Sign-On OAuth2 is used. | 8.1 |
| 2020-06-19 | CVE-2016-11069 | Weak Password Requirements vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.2.0. | 7.5 |
| 2020-06-19 | CVE-2016-11066 | Information Exposure vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.2.0. | 7.5 |
| 2020-06-19 | CVE-2015-9548 | Resource Exhaustion vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 1.2.0. | 7.5 |
| 2020-06-19 | CVE-2017-18909 | Improper Certificate Validation vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. | 7.5 |
| 2020-06-19 | CVE-2017-18903 | Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. | 8.8 |
| 2020-06-19 | CVE-2017-18894 | Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. | 8.1 |
| 2020-06-19 | CVE-2017-18886 | Incorrect Permission Assignment for Critical Resource vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. | 8.8 |
| 2020-06-19 | CVE-2017-18884 | Improper Privilege Management vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. | 8.1 |