We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-5339

Mattermost Desktop logs all keystrokes during initial run after fresh installation 



AssignerMattermost
Reserved2023-10-02
Published2023-10-17
Updated2024-09-05

Description

Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged.



MEDIUM: 4.7CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status
0x4005d8af90

Any version
affected

5.5.0
unaffected

Credits

Patrice Kolb 0x4005d8b000

References

https://mattermost.com/security-updates

cve.org CVE-2023-5339

nvd.nist.gov CVE-2023-5339

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-5339
Subscribe to our newsletter to learn more about our work.