Vulnerabilites related to rocket.chat - rocket.chat
Vulnerability from fkie_nvd
Published
2020-12-30 07:15
Modified
2024-11-21 05:24
Severity ?
Summary
Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50B51316-98CB-4596-A0ED-455F456DB844",
"versionEndExcluding": "0.74.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8570726E-8D43-46F7-B113-5993C103ECE8",
"versionEndExcluding": "1.3.4",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0582CB-9979-4DE5-9F76-0F650D1A8ECA",
"versionEndExcluding": "2.4.13",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA5B82E0-0CD3-4258-A652-02EEDAABE161",
"versionEndExcluding": "3.7.3",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C6653E5-082E-4862-972A-E1030D455198",
"versionEndExcluding": "3.8.3",
"versionStartIncluding": "3.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE7C533-1780-4570-A1DE-FC870217EACE",
"versionEndExcluding": "3.9.1",
"versionStartIncluding": "3.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login."
},
{
"lang": "es",
"value": "Rocket.Chat versiones anteriores a 0.74.4, versiones 1.x anteriores a 1.3.4, versiones 2.x anteriores a 2.4.13, versiones 3.x anteriores a 3.7.3, versiones 3.8.x anteriores a 3.8.3 y versiones 3.9.x anteriores a 3.9.1, maneja inapropiadamente el inicio de sesi\u00f3n de SAML."
}
],
"id": "CVE-2020-29594",
"lastModified": "2024-11-21T05:24:16.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-30T07:15:12.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-05 05:15
Modified
2024-09-06 17:35
Severity ?
Summary
A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1886954 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2386061B-F94D-44C0-B373-8A1BF27DC6EA",
"versionEndExcluding": "6.10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) affects Rocket.Chat\u0027s Twilio webhook endpoint before version 6.10.1."
},
{
"lang": "es",
"value": "Server-Side Request Forgery (SSRF) afecta al endpoint del webhook Twilio de Rocket.Chat antes de la versi\u00f3n 6.10.1."
}
],
"id": "CVE-2024-39713",
"lastModified": "2024-09-06T17:35:12.380",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "support@hackerone.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-05T05:15:39.297",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1886954"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:10
Severity ?
Summary
A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1458020 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1458020 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BCD8A-EF54-4DFB-9DBA-FED38DB78789",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n NoSQL-Injection en Rocket.Chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5 en el m\u00e9todo del servidor Meteor getS3FileUrl que puede divulgar URLs de descarga de archivos arbitrarias a usuarios que no deber\u00edan poder acceder."
}
],
"id": "CVE-2022-35246",
"lastModified": "2024-11-21T07:10:57.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:13.900",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1458020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1458020"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1394399 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1394399 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8B994B-5FE3-44A7-B9D3-F622AD382188",
"versionEndExcluding": "4.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage of sensitive information exists in Rocket.Chat \u003cv4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs."
},
{
"lang": "es",
"value": "Se presenta un almacenamiento en texto sin cifrar de informaci\u00f3n confidencial en Rocket.Chat versiones anteriores a v4.6.4, debido a que el token Oauth es filtrado en texto plano en los registros de Rocket.chat.\n"
}
],
"id": "CVE-2022-32217",
"lastModified": "2024-11-21T07:05:56.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.620",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1394399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1394399"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-26 18:16
Modified
2024-11-21 05:38
Severity ?
Summary
The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://docs.rocket.chat/guides/security/security-updates | Vendor Advisory | |
| support@hackerone.com | https://hackerone.com/reports/899954 | Exploit, Third Party Advisory | |
| support@hackerone.com | https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.rocket.chat/guides/security/security-updates | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/899954 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/ | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF9B315-0C33-469E-A96C-77B613CA07BD",
"versionEndExcluding": "3.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter."
},
{
"lang": "es",
"value": "La funci\u00f3n \"SpecialtyRendering\" en el servidor Rocket.Chat versiones anteriores a 3.9.2, permite una vulnerabilidad de tipo cross-site scripting (XSS) mediante el par\u00e1metro \"value\""
}
],
"id": "CVE-2020-8288",
"lastModified": "2024-11-21T05:38:39.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-26T18:16:08.367",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/899954"
},
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/899954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-11 22:15
Modified
2025-01-27 17:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1757676 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1757676 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1141C6-65B5-4FC0-8E0C-C8162E3FDD73",
"versionEndExcluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact."
}
],
"id": "CVE-2023-28359",
"lastModified": "2025-01-27T17:15:11.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-11T22:15:10.057",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1757676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1757676"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v4.7.5 which allowed the "users.list" REST endpoint gets a query parameter from JSON and runs Users.find(queryFromClientSide). This means virtually any authenticated user can access any data (except password hashes) of any user authenticated.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1140631 | Exploit, Issue Tracking, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1140631 | Exploit, Issue Tracking, Mitigation, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv4.7.5 which allowed the \"users.list\" REST endpoint gets a query parameter from JSON and runs Users.find(queryFromClientSide). This means virtually any authenticated user can access any data (except password hashes) of any user authenticated."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Rocket.Chat versiones anteriores a v4.7.5 que permit\u00eda que el endpoint REST \"users.list\" obtuviera un par\u00e1metro de consulta de JSON y ejecutara Users.find(queryFromClientSide). Esto significa que pr\u00e1cticamente cualquier usuario autenticado puede acceder a cualquier dato (excepto los hashes de las contrase\u00f1as) de cualquier usuario autenticado."
}
],
"id": "CVE-2022-32219",
"lastModified": "2024-11-21T07:05:56.943",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.723",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1140631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1140631"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-09 22:15
Modified
2025-01-28 21:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1379635 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1379635 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAE3A1B1-27A3-4FD5-BCE6-CC713F0C8B90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order."
}
],
"id": "CVE-2023-28317",
"lastModified": "2025-01-28T21:15:14.333",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-09T22:15:10.027",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1379635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1379635"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-27 12:15
Modified
2024-11-21 05:50
Severity ?
Summary
An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 & v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1089116 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1089116 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | 3.12.3 | |
| rocket.chat | rocket.chat | 3.12.4 | |
| rocket.chat | rocket.chat | 3.12.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "884F0825-B932-403D-A419-626F8B3C1AA4",
"versionEndExcluding": "3.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F568464-264D-4269-8979-12FD1BB17F73",
"versionEndExcluding": "3.12.2",
"versionStartIncluding": "3.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "452B86C4-9344-4D05-93D9-6AE0A288D740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ECA25358-3CA9-4991-AA53-01EBCBFE46B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "863DA436-E21C-45CD-9D26-A52A475C701B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 \u0026 v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en el servidor Rocket.Chat corregido en versiones v3.13, v3.12.2 y v3.11.3, que permit\u00eda que las direcciones de correo electr\u00f3nico sean divulgadas mediante comprobaciones de enumeraci\u00f3n y validaci\u00f3n"
}
],
"id": "CVE-2021-22892",
"lastModified": "2024-11-21T05:50:51.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-27T12:15:07.883",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1089116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1089116"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2024-11-21 07:47
Severity ?
Summary
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may increase the impact of XSS to RCE which is dangerous for self-hosted users as well.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1631258 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1631258 | Permissions Required |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E33A3CA1-AFAC-4F61-93E3-E16070C99CEB",
"versionEndExcluding": "5.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A prototype pollution vulnerability exists in Rocket.Chat server \u003c5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may increase the impact of XSS to RCE which is dangerous for self-hosted users as well."
}
],
"id": "CVE-2023-23917",
"lastModified": "2024-11-21T07:47:05.803",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-23T20:15:13.847",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Permissions Required"
],
"url": "https://hackerone.com/reports/1631258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://hackerone.com/reports/1631258"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-11 01:29
Modified
2024-11-21 03:48
Severity ?
Summary
A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username unescaped via packages/rocketchat-ui-login/client/username/username.js in packages/rocketchat-ui-login/client/username/username.html.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/issues/10795 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/issues/10795 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A59E694D-0BDC-4337-B946-488E1E6E88A7",
"versionEndExcluding": "0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username unescaped via packages/rocketchat-ui-login/client/username/username.js in packages/rocketchat-ui-login/client/username/username.html."
},
{
"lang": "es",
"value": "Se ha descubierto un problema de Cross-Site Scripting (XSS) reflejado en el formulario de registro en Rocket.Chat en versiones anteriores a la 0.66. Cuando se crea una cuenta, el siguiente paso solicitar\u00e1 un nombre de usuario. Este campo no guardar\u00e1 los caracteres de control HTML, pero se mostrar\u00e1 un error que muestra el intento de nombre de usuario sin escapar mediante packages/rocketchat-ui-login/client/username/username.js en packages/rocketchat-ui-login/client/username/username.html."
}
],
"id": "CVE-2018-13879",
"lastModified": "2024-11-21T03:48:14.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-11T01:29:01.550",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/issues/10795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/issues/10795"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:02
Severity ?
Summary
An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1126414 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1126414 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A2F0F9-A2B3-4E31-A7BF-E3A2502E7609",
"versionEndExcluding": "4.14.1.22788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability exists in Rocket.Chat Mobile App \u003c4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code)."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de autenticaci\u00f3n inapropiada en Rocket.Chat Mobile App versiones anteriores a 4.14.1.22788, que permit\u00eda a un atacante con acceso f\u00edsico a un dispositivo m\u00f3vil omitir la autenticaci\u00f3n local (c\u00f3digo PIN).\n"
}
],
"id": "CVE-2022-30124",
"lastModified": "2024-11-21T07:02:12.407",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.510",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1126414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1126414"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-09 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://blog.sonarsource.com/nosql-injections-in-rocket-chat/ | Third Party Advisory | |
| support@hackerone.com | https://hackerone.com/reports/1130874 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.sonarsource.com/nosql-injections-in-rocket-chat/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1130874 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38901F46-B6D7-4A61-9338-F1E6D82A051E",
"versionEndExcluding": "3.11.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6314EFA0-034D-4151-80C9-01E175EB13BE",
"versionEndExcluding": "3.12.4",
"versionStartIncluding": "3.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "898CAAFC-2C62-4880-B3AF-7303C74CCB68",
"versionEndExcluding": "3.13.2",
"versionStartIncluding": "3.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A sanitization vulnerability exists in Rocket.Chat server versions \u003c3.13.2, \u003c3.12.4, \u003c3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de saneo en Rocket.Chat server versiones anteriores a 3.13.2, anteriores a 3.12.4, anteriores a 3.11.4, que permit\u00eda realizar consultas a un endpoint que pod\u00eda dar lugar a una inyecci\u00f3n NoSQL, conllevando potencialmente a un RCE"
}
],
"id": "CVE-2021-22910",
"lastModified": "2024-11-21T05:50:53.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-09T13:15:07.120",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/"
},
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1130874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1130874"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-75"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-09 22:15
Modified
2025-01-28 21:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/992280 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/992280 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAE3A1B1-27A3-4FD5-BCE6-CC713F0C8B90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled."
}
],
"id": "CVE-2023-28316",
"lastModified": "2025-01-28T21:15:14.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-09T22:15:09.980",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/992280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/992280"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-11 22:15
Modified
2025-01-27 17:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1461340 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1461340 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1141C6-65B5-4FC0-8E0C-C8162E3FDD73",
"versionEndExcluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive."
}
],
"id": "CVE-2023-28356",
"lastModified": "2025-01-27T17:15:11.420",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-11T22:15:09.887",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1461340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1461340"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-05 15:15
Modified
2024-11-21 05:20
Severity ?
Summary
The Rocket.Chat desktop application 2.17.11 opens external links without user interaction.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | 2.17.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:2.17.11:*:*:*:*:electron:*:*",
"matchCriteriaId": "96C10FF3-2392-4B98-A778-3203ABA55125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Rocket.Chat desktop application 2.17.11 opens external links without user interaction."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n de escritorio Rocket.Chat versi\u00f3n 2.17.11, abre enlaces externos sin la interacci\u00f3n de un usuario"
}
],
"id": "CVE-2020-26763",
"lastModified": "2024-11-21T05:20:17.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-05T15:15:07.910",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-11 22:15
Modified
2025-01-27 17:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1406479 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1406479 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1141C6-65B5-4FC0-8E0C-C8162E3FDD73",
"versionEndExcluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper authorization vulnerability exists in Rocket.Chat \u003c6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room."
}
],
"id": "CVE-2023-28325",
"lastModified": "2025-01-27T17:15:11.180",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-11T22:15:09.830",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1406479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1406479"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-18 21:15
Modified
2024-11-21 05:06
Severity ?
Summary
Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/commits/develop | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/pull/18356 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/commits/develop | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/pull/18356 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD45CA8-D2F9-4AAB-922F-3B636890C61D",
"versionEndIncluding": "3.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side."
},
{
"lang": "es",
"value": "Rocket.Chat versiones hasta 3.4.2, permite un ataque de tipo XSS donde un atacante puede enviar un mensaje especialmente dise\u00f1ado hacia un canal o en un mensaje directo al cliente que resulta en la ejecuci\u00f3n de c\u00f3digo remota en el lado del cliente."
}
],
"id": "CVE-2020-15926",
"lastModified": "2024-11-21T05:06:28.013",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-18T21:15:12.160",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/18356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/18356"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1581059 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1581059 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "158642DC-67CC-45FA-90B4-7F445FEF7E6B",
"versionEndExcluding": "3.18.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3809AC03-4EBA-4FB2-8DF0-0ABB1A74BC4B",
"versionEndExcluding": "4.4.4",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D44A8A5-8919-412C-9F55-8D9FA73432EE",
"versionEndExcluding": "4.7.3",
"versionStartIncluding": "4.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability exists in Rocket.Chat \u003cv3.18.6, \u003cv4.4.4 and \u003cv4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n SQL en Rocket.Chat versiones anteriores a v3.18.6, versiones anteriores a v4.4.4 y versiones anteriores a v4.7.3, que puede permitir a un atacante recuperar un token de restablecimiento de contrase\u00f1a a mediante un secreto 2fa."
}
],
"id": "CVE-2022-32211",
"lastModified": "2024-11-21T07:05:55.970",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.567",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1581059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1581059"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-27 12:15
Modified
2024-11-21 05:50
Severity ?
Summary
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.12.0 | |
| rocket.chat | rocket.chat | 3.13.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5071A536-B64E-450C-AB7C-8B0254F40F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1A1B7776-2BAB-4CA6-A7B1-0C388E4F32BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F4614126-1864-4C56-ADF5-9F0EEDBB8AD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 \u0026 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de saneamiento de entrada inapropiada en el servidor Rocket.Chat versiones 3.11, 3.12 y 3.13, que podr\u00eda conllevar a una inyecci\u00f3n NoSQL no autenticada, resultando potencialmente en RCE"
}
],
"id": "CVE-2021-22911",
"lastModified": "2024-11-21T05:50:53.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-27T12:15:08.153",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat"
},
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1130721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1130721"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-75"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:10
Severity ?
Summary
A cross-site scripting vulnerability exists in Rocket.chat <v5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are stored in messages, it is a persistent attack vector, which will trigger as soon as the message gets viewed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1401268 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1401268 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB310B9-2905-42DC-9D4A-F5233748BEC0",
"versionEndExcluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting vulnerability exists in Rocket.chat \u003cv5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are stored in messages, it is a persistent attack vector, which will trigger as soon as the message gets viewed."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de tipo Cross-site scripting en Rocket.chat versiones anteriores a v5 debido a una inyecci\u00f3n de estilo en la ventana de chat completa, un adversario es capaz de manipular no s\u00f3lo el estilo de la misma, sino que tambi\u00e9n ser\u00e1 capaz de bloquear la funcionalidad as\u00ed como secuestrar el contenido de los usuarios objetivo. Por lo tanto, las cargas \u00fatiles son almacenadas en los mensajes, es un vector de ataque persistente, que ser\u00e1 desencadenado tan pronto como el mensaje sea visualizado.\n"
}
],
"id": "CVE-2022-35251",
"lastModified": "2024-11-21T07:10:58.517",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:14.150",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1401268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1401268"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:10
Severity ?
Summary
A information disclosure vulnerability exists in Rocket.chat <v5, <v4.8.2 and <v4.7.5 where the lack of ACL checks in the getRoomRoles Meteor method leak channel members with special roles to unauthorized clients.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1447440 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1447440 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BCD8A-EF54-4DFB-9DBA-FED38DB78789",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A information disclosure vulnerability exists in Rocket.chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 where the lack of ACL checks in the getRoomRoles Meteor method leak channel members with special roles to unauthorized clients."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Rocket.chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5 donde una falta de comprobaciones de ACL en el m\u00e9todo getRoomRoles Meteor filtra miembros del canal con roles especiales a clientes no autorizados.\n"
}
],
"id": "CVE-2022-35247",
"lastModified": "2024-11-21T07:10:58.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:13.957",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1447440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1447440"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1406953 | Exploit, Issue Tracking, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1406953 | Exploit, Issue Tracking, Mitigation, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BCD8A-EF54-4DFB-9DBA-FED38DB78789",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Rocket.Chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5, debido a que fue encontrado que el m\u00e9todo actionLinkHandler permite la Enumeraci\u00f3n de ID de mensajes con consultas Regex MongoDB."
}
],
"id": "CVE-2022-32218",
"lastModified": "2024-11-21T07:05:56.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.670",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1406953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1406953"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-26 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. This flaw leads to arbitrary file read and RCE on Rocket.Chat desktop app.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://docs.rocket.chat/guides/security/security-updates | Vendor Advisory | |
| support@hackerone.com | https://github.com/RocketChat/Rocket.Chat/pull/20430 | Patch, Third Party Advisory | |
| support@hackerone.com | https://hackerone.com/reports/1014459 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.rocket.chat/guides/security/security-updates | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/pull/20430 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1014459 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.11.0 | |
| rocket.chat | rocket.chat | 3.11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86A30DEE-F0BD-42BD-8BE7-EAFC4EB83A94",
"versionEndExcluding": "3.8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B4CA06-527F-4600-A11A-ABFA54D754C8",
"versionEndExcluding": "3.9.7",
"versionStartIncluding": "3.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EFC543-2F10-4521-9814-ABBD237364EB",
"versionEndExcluding": "3.10.5",
"versionStartIncluding": "3.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "894B212B-12E9-49D0-9DCC-A8DA2BE98FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B996994C-FEC5-4524-94F4-E8F7CD666BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "506868F8-3FEE-478E-BAA2-889C53A79977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "49553F24-2CC0-48E6-BA55-4CE0283C1E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "C4B247DC-ECB0-4859-8F6D-6CAA2C01B57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B3962CCC-17F4-4F4B-AE82-A53DB5ED19A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "AA4771F7-A143-44C9-8FED-B9111C22D058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "6CA36B0C-3A4D-44EA-BAB8-A9B2D7F672D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. This flaw leads to arbitrary file read and RCE on Rocket.Chat desktop app."
},
{
"lang": "es",
"value": "Rocket.Chat versiones anteriores a 3.11, 3.10.5, 3.9.7, 3.8.8, es vulnerable a ataques de tipo cross-site scripting (XSS) persistente que usan etiquetas markdown anidadas que permiten a un atacante remoto inyectar JavaScript arbitrario en un mensaje.\u0026#xa0;Este fallo conlleva a una lectura de archivos arbitraria y una RCE en la aplicaci\u00f3n de escritorio Rocket.Chat."
}
],
"id": "CVE-2021-22886",
"lastModified": "2024-11-21T05:50:50.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-26T19:15:11.913",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/20430"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1014459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/20430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1014459"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1377105 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1377105 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BCD8A-EF54-4DFB-9DBA-FED38DB78789",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Rocket.Chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5 ya que el m\u00e9todo del servidor Meteor getReadReceipts no filtra apropiadamente las entradas del usuario que son pasadas a las consultas de MongoDB, permitiendo que las consultas $regex enumeren IDs de mensajes arbitrarios.\n"
}
],
"id": "CVE-2022-32228",
"lastModified": "2024-11-21T07:05:58.053",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.933",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1377105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1377105"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-03 01:29
Modified
2024-11-21 03:04
Severity ?
Summary
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/pull/8408 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/pull/8408 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46499A06-D98B-412B-8089-778E3587BE06",
"versionEndIncluding": "0.59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover"
},
{
"lang": "es",
"value": "Rocket.Chat Server, en su versi\u00f3n 0.59 y anteriores, es vulnerable a una inyecci\u00f3n NoSQL que conduce a la toma de control de la cuenta de administrador."
}
],
"id": "CVE-2017-1000493",
"lastModified": "2024-11-21T03:04:51.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-03T01:29:00.343",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/8408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/8408"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-09 22:15
Modified
2025-01-28 21:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1379451 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1379451 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAE3A1B1-27A3-4FD5-BCE6-CC713F0C8B90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices."
}
],
"id": "CVE-2023-28318",
"lastModified": "2025-01-28T21:15:14.500",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-09T22:15:10.083",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1379451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1379451"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
A information disclosure vulnerability exists in Rockert.Chat <v5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1446767 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1446767 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB310B9-2905-42DC-9D4A-F5233748BEC0",
"versionEndExcluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A information disclosure vulnerability exists in Rockert.Chat \u003cv5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Rockert.Chat versiones anteriores a v5 debido a que /api/v1/chat.getThreadsList no sanea las entradas del usuario y, por lo tanto, puede filtrar mensajes de hilos privados a usuarios no autorizados por medio de una inyecci\u00f3n en la base de datos Mongo.\n"
}
],
"id": "CVE-2022-32229",
"lastModified": "2024-11-21T07:05:58.173",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.987",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1446767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1446767"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 21:15
Modified
2024-11-21 06:07
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "884F0825-B932-403D-A419-626F8B3C1AA4",
"versionEndExcluding": "3.11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F568464-264D-4269-8979-12FD1BB17F73",
"versionEndExcluding": "3.12.2",
"versionStartIncluding": "3.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13."
},
{
"lang": "es",
"value": "Rocket.Chat es una plataforma de comunicaciones de c\u00f3digo abierto totalmente personalizable y desarrollada en JavaScript. En Rocket.Chat versiones anteriores a 3.11.3, 3.12.2 y 3.13, un problema con determinadas expresiones regulares pod\u00eda conllevar potencialmente a una denegaci\u00f3n de servicio. Esto fue corregido en versiones 3.11.3, 3.12.2 y 3.13."
}
],
"id": "CVE-2021-32832",
"lastModified": "2024-11-21T06:07:50.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T21:15:09.350",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-25 01:15
Modified
2024-09-26 17:41
Severity ?
Summary
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based Cross-site Scripting (XSS). Attackers may be able to abuse the UpdateOTRAck method to forge a message that contains an XSS payload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B9DDD7-5E79-488F-BD2F-9B7EEBF7EC46",
"versionEndExcluding": "6.7.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "842262D3-74EF-490E-B0DC-4DC0A0B185AA",
"versionEndExcluding": "6.8.7",
"versionStartIncluding": "6.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "702723D8-57FB-402E-A6B7-39907F865998",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84DFE29-F5DE-411B-82B7-24DDBCD82CFF",
"versionEndExcluding": "6.10.6",
"versionStartIncluding": "6.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5668FE7A-694F-4E18-960C-D2BFEC6890DF",
"versionEndExcluding": "6.11.3",
"versionStartIncluding": "6.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E57EDBB1-FF16-4A24-AED2-90D61FB47CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "48C71A14-5A84-4CBD-BA42-07DE1EB5A320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "403EB714-366A-4783-8547-00E4A3F4BF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "526F1CDD-BCD2-457E-A165-13ABE499F1EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8DA3467D-B02C-4FA0-BE26-071FB1560183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EAE65E7F-2D5B-4B26-A089-F0E4B5C72E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "E74704CE-0BCF-440D-9087-5B5D66DD0B01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based Cross-site Scripting (XSS). Attackers may be able to abuse the UpdateOTRAck method to forge a message that contains an XSS payload."
},
{
"lang": "es",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8 y versiones anteriores son vulnerables a ataques de Cross Site Scripting (XSS) basados en DOM. Los atacantes podr\u00edan abusar del m\u00e9todo UpdateOTRAck para falsificar un mensaje que contenga un payload XSS."
}
],
"id": "CVE-2024-46934",
"lastModified": "2024-09-26T17:41:09.580",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-25T01:15:44.597",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/33246"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-08 18:15
Modified
2024-11-21 05:22
Severity ?
Summary
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF24E06-3F87-45B4-A0F0-3F0A38B0ED0A",
"versionEndIncluding": "3.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de enumeraci\u00f3n de direcciones de correo electr\u00f3nico en la funci\u00f3n password reset de Rocket.Chat versiones hasta 3.9.1"
}
],
"id": "CVE-2020-28208",
"lastModified": "2024-11-21T05:22:28.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-08T18:15:13.450",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/32"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/43"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/07/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/08/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/13/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://trovent.io/security-advisory-2010-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/07/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/08/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://trovent.io/security-advisory-2010-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-25 01:15
Modified
2024-09-26 17:39
Severity ?
Summary
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B9DDD7-5E79-488F-BD2F-9B7EEBF7EC46",
"versionEndExcluding": "6.7.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "842262D3-74EF-490E-B0DC-4DC0A0B185AA",
"versionEndExcluding": "6.8.7",
"versionStartIncluding": "6.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "702723D8-57FB-402E-A6B7-39907F865998",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84DFE29-F5DE-411B-82B7-24DDBCD82CFF",
"versionEndExcluding": "6.10.6",
"versionStartIncluding": "6.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5668FE7A-694F-4E18-960C-D2BFEC6890DF",
"versionEndExcluding": "6.11.3",
"versionStartIncluding": "6.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E57EDBB1-FF16-4A24-AED2-90D61FB47CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "48C71A14-5A84-4CBD-BA42-07DE1EB5A320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "403EB714-366A-4783-8547-00E4A3F4BF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "526F1CDD-BCD2-457E-A165-13ABE499F1EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8DA3467D-B02C-4FA0-BE26-071FB1560183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EAE65E7F-2D5B-4B26-A089-F0E4B5C72E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "E74704CE-0BCF-440D-9087-5B5D66DD0B01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser."
},
{
"lang": "es",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8 y versiones anteriores son vulnerables a ataques de denegaci\u00f3n de servicio (DoS). Los atacantes que creen mensajes con caracteres espec\u00edficos pueden bloquear el espacio de trabajo debido a un problema en el analizador de mensajes."
}
],
"id": "CVE-2024-46935",
"lastModified": "2024-09-26T17:39:33.123",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-25T01:15:44.650",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/33227"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-18 13:15
Modified
2024-11-21 05:38
Severity ?
Summary
A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://github.com/RocketChat/Rocket.Chat/pull/19854 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/pull/19854 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "871A18D3-10F1-4D29-8D08-07DB0C3C9A17",
"versionEndExcluding": "3.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks."
},
{
"lang": "es",
"value": "Un problema de renderizaci\u00f3n de la vista previa de los enlaces en Rocket.Chat versiones anteriores a 3.9, pod\u00eda conllevar a posibles ataques de tipo XSS"
}
],
"id": "CVE-2020-8291",
"lastModified": "2024-11-21T05:38:40.327",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-18T13:15:09.063",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/19854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/19854"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-10 22:15
Modified
2024-11-21 07:47
Severity ?
Summary
An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1757663 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1757663 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1141C6-65B5-4FC0-8E0C-C8162E3FDD73",
"versionEndExcluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room."
}
],
"id": "CVE-2023-23911",
"lastModified": "2024-11-21T07:47:05.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-10T22:15:10.427",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1757663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1757663"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-11 22:15
Modified
2025-01-27 17:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1781131 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1781131 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1141C6-65B5-4FC0-8E0C-C8162E3FDD73",
"versionEndExcluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the \"Search Messages\" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover."
}
],
"id": "CVE-2023-28358",
"lastModified": "2025-01-27T17:15:11.633",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-11T22:15:09.993",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1781131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1781131"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:10
Severity ?
Summary
A information disclosure vulnerability exists in Rocket.Chat <v5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1410246 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1410246 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB310B9-2905-42DC-9D4A-F5233748BEC0",
"versionEndExcluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A information disclosure vulnerability exists in Rocket.Chat \u003cv5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Rocket.Chat versiones anteriores a v5 donde el m\u00e9todo del servidor meteorol\u00f3gico getUserMentionsByChannel divulga mensajes de canales privados y mensajes directos sin tener en cuenta el permiso de acceso de los usuarios a la sala."
}
],
"id": "CVE-2022-35249",
"lastModified": "2024-11-21T07:10:58.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:14.057",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1410246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1410246"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1410246 | Exploit, Issue Tracking, Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1410246 | Exploit, Issue Tracking, Mitigation, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB310B9-2905-42DC-9D4A-F5233748BEC0",
"versionEndExcluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Rocket.Chat versiones anteriores a v5 debido a que el m\u00e9todo del servidor meteorol\u00f3gico getUserMentionsByChannel divulga mensajes de canales privados y mensajes directos sin tener en cuenta el permiso de acceso de los usuarios a la sala.\n"
}
],
"id": "CVE-2022-32220",
"lastModified": "2024-11-21T07:05:57.057",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.773",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1410246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1410246"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-21 21:15
Modified
2024-11-21 04:31
Severity ?
Summary
Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html | ||
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/commits/develop | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/releases | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://www.nezami.me/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/commits/develop | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/releases | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.nezami.me/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39AE3101-9A25-4F95-B8C9-4A010C808C93",
"versionEndExcluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line."
},
{
"lang": "es",
"value": "Rocket.Chat versiones anteriores a 2.1.0, permite un ataque de tipo XSS por medio de una URL en una l\u00ednea ![title]."
}
],
"id": "CVE-2019-17220",
"lastModified": "2024-11-21T04:31:53.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-21T21:15:10.767",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.nezami.me/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.nezami.me/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-02 19:15
Modified
2024-09-16 17:28
Severity ?
Summary
The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external actions from PDF documents.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/releases/tag/6.3.4 | Product | |
| cve@mitre.org | https://hackerone.com/reports/1967109 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3ED723D-E95F-4770-B627-161A8922AF80",
"versionEndIncluding": "6.3.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external actions from PDF documents."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n de escritorio Electron de Rocket.Chat hasta la versi\u00f3n 6.3.4 permite XSS almacenado a trav\u00e9s de enlaces en un archivo cargado, relacionado con la imposibilidad de usar un navegador separado al encontrar acciones externas de terceros desde documentos PDF."
}
],
"id": "CVE-2024-45621",
"lastModified": "2024-09-16T17:28:53.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-02T19:15:13.073",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/6.3.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1967109"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:10
Severity ?
Summary
A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1448268 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1448268 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BCD8A-EF54-4DFB-9DBA-FED38DB78789",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper authentication vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de autenticaci\u00f3n inapropiada en Rocket.Chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5 que permit\u00eda omitir la autenticaci\u00f3n de dos factores cuando era indicado al servidor que usara CAS durante el inicio de sesi\u00f3n."
}
],
"id": "CVE-2022-35248",
"lastModified": "2024-11-21T07:10:58.177",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:14.007",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1448268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1448268"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-25 01:15
Modified
2024-09-26 17:12
Severity ?
Summary
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 | |
| rocket.chat | rocket.chat | 6.12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B9DDD7-5E79-488F-BD2F-9B7EEBF7EC46",
"versionEndExcluding": "6.7.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "842262D3-74EF-490E-B0DC-4DC0A0B185AA",
"versionEndExcluding": "6.8.7",
"versionStartIncluding": "6.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "702723D8-57FB-402E-A6B7-39907F865998",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "6.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84DFE29-F5DE-411B-82B7-24DDBCD82CFF",
"versionEndExcluding": "6.10.6",
"versionStartIncluding": "6.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5668FE7A-694F-4E18-960C-D2BFEC6890DF",
"versionEndExcluding": "6.11.3",
"versionStartIncluding": "6.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E57EDBB1-FF16-4A24-AED2-90D61FB47CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "48C71A14-5A84-4CBD-BA42-07DE1EB5A320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "403EB714-366A-4783-8547-00E4A3F4BF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "526F1CDD-BCD2-457E-A165-13ABE499F1EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8DA3467D-B02C-4FA0-BE26-071FB1560183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EAE65E7F-2D5B-4B26-A089-F0E4B5C72E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "E74704CE-0BCF-440D-9087-5B5D66DD0B01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps."
},
{
"lang": "es",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8 y versiones anteriores permiten XSS almacenado en la descripci\u00f3n y notas de lanzamiento del mercado y aplicaciones privadas."
}
],
"id": "CVE-2024-47048",
"lastModified": "2024-09-26T17:12:07.440",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-25T01:15:44.810",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/33246"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
A cleartext transmission of sensitive information exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1517377 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1517377 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BCD8A-EF54-4DFB-9DBA-FED38DB78789",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cleartext transmission of sensitive information exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 relating to Oauth tokens by having the permission \"view-full-other-user-info\", this could cause an oauth token leak in the product."
},
{
"lang": "es",
"value": "Se presenta una transmisi\u00f3n en texto sin cifrar de informaci\u00f3n confidencial en Rocket.Chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5, relacionada con los tokens de Oauth al tener el permiso \"view-full-other-user-info\", esto podr\u00eda causar un filtrado de tokens de Oauth en el producto.\n"
}
],
"id": "CVE-2022-32227",
"lastModified": "2024-11-21T07:05:57.930",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.877",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1517377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1517377"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:10
Severity ?
Summary
A privilege escalation vulnerability exists in Rocket.chat <v5 which made it possible to elevate privileges for any authenticated user to view Direct messages without appropriate permissions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/917946 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/917946 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB310B9-2905-42DC-9D4A-F5233748BEC0",
"versionEndExcluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability exists in Rocket.chat \u003cv5 which made it possible to elevate privileges for any authenticated user to view Direct messages without appropriate permissions."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escalada de privilegios en Rocket.chat versiones anteriores a v5 que permit\u00eda elevar los privilegios de cualquier usuario autenticado para visualizar los mensajes directos sin los permisos apropiados.\n"
}
],
"id": "CVE-2022-35250",
"lastModified": "2024-11-21T07:10:58.397",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:14.107",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/917946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/917946"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-23 15:15
Modified
2024-11-21 07:28
Severity ?
Summary
A command injection vulnerability exists in Rocket.Chat-Desktop <3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1781102 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1781102 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19CAED1A-A80E-4623-B0AC-EA59F74B9DDD",
"versionEndExcluding": "3.8.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in Rocket.Chat-Desktop \u003c3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en Rocket.Chat-Desktop \u0026lt;3.8.14 que podr\u00eda permitir a un atacante pasar una URL maliciosa de openInternalVideoChatWindow a shell.openExternal(), lo que puede provocar la ejecuci\u00f3n remota de c\u00f3digo (internalVideoChatWindow.ts#L17). Para aprovechar la vulnerabilidad, se debe desactivar la ventana interna de chat de v\u00eddeo o se debe utilizar una versi\u00f3n de Mac App Store (internalVideoChatWindow.ts#L14). La vulnerabilidad puede ser explotada por un ataque XSS porque la funci\u00f3n openInternalVideoChatWindow est\u00e1 expuesta en Rocket.Chat-Desktop-API."
}
],
"id": "CVE-2022-44567",
"lastModified": "2024-11-21T07:28:08.680",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-23T15:15:15.920",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1781102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1781102"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-11 22:15
Modified
2025-01-27 18:15
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a username is a member of a channel that they do not have access to.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1445810 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1445810 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1141C6-65B5-4FC0-8E0C-C8162E3FDD73",
"versionEndExcluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a username is a member of a channel that they do not have access to."
}
],
"id": "CVE-2023-28357",
"lastModified": "2025-01-27T18:15:33.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-11T22:15:09.940",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1445810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1445810"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-11 01:29
Modified
2024-11-21 03:48
Severity ?
Summary
An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) in a channel or private chat. Consequently, it is possible to exfiltrate the secret token of every user and also admins in the channel.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/RocketChat/Rocket.Chat/pull/10793 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/RocketChat/Rocket.Chat/pull/10793 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3478E0A9-100D-4565-8D3C-E90B07027344",
"versionEndExcluding": "0.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) in a channel or private chat. Consequently, it is possible to exfiltrate the secret token of every user and also admins in the channel."
},
{
"lang": "es",
"value": "Se ha descubierto un problema de Cross-Site Scripting (XSS) en packages/rocketchat-mentions/Mentions.js en Rocket.Chat en versiones anteriores a la 0.65. El nombre real de un nombre de usuario se muestra sin escapar cuando se menciona al usuario (con el s\u00edmbolo @) en un canal o chat privado. En consecuencia, es posible exfiltrar el token secreto de cada usuario y tambi\u00e9n de los administradores en el canal."
}
],
"id": "CVE-2018-13878",
"lastModified": "2024-11-21T03:48:14.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-11T01:29:01.503",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/10793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/10793"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-23 19:15
Modified
2024-11-21 07:05
Severity ?
Summary
An improper access control vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://hackerone.com/reports/1410357 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1410357 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * | |
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3155E31-438F-4694-88C7-4D6C91C86C1D",
"versionEndExcluding": "4.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BCD8A-EF54-4DFB-9DBA-FED38DB78789",
"versionEndExcluding": "4.8.2",
"versionStartIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de control de acceso inapropiado en Rocket.Chat versiones anteriores a v5, versiones anteriores a v4.8.2 y versiones anteriores a v4.7.5 debido a que los datos de entrada en el m\u00e9todo del servidor getUsersOfRoom Meteor no est\u00e1n comprobados por el tipo, por lo que los objetos del operador de consulta MongoDB son aceptados por el servidor, de modo que en lugar de una consulta rid String coincidente puede ejecutarse una consulta $regex, salt\u00e1ndose la comprobaci\u00f3n del permiso de acceso a la sala para todas las salas excepto la primera.\n"
}
],
"id": "CVE-2022-32226",
"lastModified": "2024-11-21T07:05:57.813",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-23T19:15:11.823",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1410357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1410357"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-26 18:16
Modified
2024-11-21 05:38
Severity ?
Summary
Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://docs.rocket.chat/guides/security/security-updates | Vendor Advisory | |
| support@hackerone.com | https://hackerone.com/reports/962902 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.rocket.chat/guides/security/security-updates | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/962902 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rocket.chat | rocket.chat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "871A18D3-10F1-4D29-8D08-07DB0C3C9A17",
"versionEndExcluding": "3.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag \u0026 drop functionality in message boxes."
},
{
"lang": "es",
"value": "Un servidor Rocket.Chat versiones anteriores a 3.9.0, es susceptible a una vulnerabilidad de tipo cross-site scripting (XSS) propio por medio de la funcionalidad drag \u0026amp; drop en los cuadros de mensaje"
}
],
"id": "CVE-2020-8292",
"lastModified": "2024-11-21T05:38:40.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-26T18:16:08.443",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "support@hackerone.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/962902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/962902"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2020-8292
Vulnerability from cvelistv5
Published
2021-01-21 19:13
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.rocket.chat/guides/security/security-updates | x_refsource_MISC | |
| https://hackerone.com/reports/962902 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat server |
Version: Fixed in 3.9.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/962902"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 3.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag \u0026 drop functionality in message boxes."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site Scripting (XSS) - DOM (CWE-79)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-21T19:13:28",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/962902"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat server",
"version": {
"version_data": [
{
"version_value": "Fixed in 3.9.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag \u0026 drop functionality in message boxes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - DOM (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.rocket.chat/guides/security/security-updates",
"refsource": "MISC",
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"name": "https://hackerone.com/reports/962902",
"refsource": "MISC",
"url": "https://hackerone.com/reports/962902"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8292",
"datePublished": "2021-01-21T19:13:28",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28356
Vulnerability from cvelistv5
Published
2023-05-11 00:00
Modified
2025-01-27 16:57
Severity ?
EPSS score ?
Summary
A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: This issue has been fixed in version 6.0> and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:24.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1461340"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28356",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T16:55:49.480085Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T16:57:01.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "This issue has been fixed in version 6.0\u003e and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified where a maliciously crafted message containing a specific chain of characters can cause the chat to enter a hot loop on one of the processes, consuming ~120% CPU and rendering the service unresponsive."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Denial of Service (CWE-400)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-11T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1461340"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28356",
"datePublished": "2023-05-11T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-27T16:57:01.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-46934
Vulnerability from cvelistv5
Published
2024-09-24 00:00
Modified
2024-09-24 19:10
Severity ?
EPSS score ?
Summary
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based Cross-site Scripting (XSS). Attackers may be able to abuse the UpdateOTRAck method to forge a message that contains an XSS payload.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46934",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T19:10:02.000214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T19:10:09.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based Cross-site Scripting (XSS). Attackers may be able to abuse the UpdateOTRAck method to forge a message that contains an XSS payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T18:38:42.784636",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RocketChat/Rocket.Chat/pull/33246"
},
{
"url": "https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-46934",
"datePublished": "2024-09-24T00:00:00",
"dateReserved": "2024-09-15T00:00:00",
"dateUpdated": "2024-09-24T19:10:09.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22911
Vulnerability from cvelistv5
Published
2021-05-27 11:14
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1130721 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html | x_refsource_MISC | |
| http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html | x_refsource_MISC | |
| https://blog.sonarsource.com/nosql-injections-in-rocket-chat | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat server |
Version: Fixed in: 3.13.2, 3.12.4, 3.11.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1130721"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in: 3.13.2, 3.12.4, 3.11.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 \u0026 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-75",
"description": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-30T18:44:53",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1130721"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat server",
"version": {
"version_data": [
{
"version_value": "Fixed in: 3.13.2, 3.12.4, 3.11.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 \u0026 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1130721",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1130721"
},
{
"name": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162997/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163419/Rocket.Chat-3.12.1-NoSQL-Injection-Code-Execution.html"
},
{
"name": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat",
"refsource": "MISC",
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22911",
"datePublished": "2021-05-27T11:14:39",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:25.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28317
Vulnerability from cvelistv5
Published
2023-05-09 00:00
Modified
2025-01-28 20:33
Severity ?
EPSS score ?
Summary
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: This issue has been fixed in version 6.0> and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:24.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1379635"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T20:33:27.864840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T20:33:33.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "This issue has been fixed in version 6.0\u003e and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization (CWE-285)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1379635"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28317",
"datePublished": "2023-05-09T00:00:00.000Z",
"dateReserved": "2023-03-14T00:00:00.000Z",
"dateUpdated": "2025-01-28T20:33:33.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35248
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1448268 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in versions 4.7.5, 4.8.2, 5.0.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1448268"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in versions 4.7.5, 4.8.2, 5.0.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper authentication vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication - Generic (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:12",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1448268"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-35248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in versions 4.7.5, 4.8.2, 5.0.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper authentication vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication - Generic (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1448268",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1448268"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-35248",
"datePublished": "2022-09-23T18:28:12",
"dateReserved": "2022-07-06T00:00:00",
"dateUpdated": "2024-08-03T09:29:17.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32228
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1377105 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in versions 4.7.5, 4.8.2 and 5.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:49.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1377105"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in versions 4.7.5, 4.8.2 and 5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:13",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1377105"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in versions 4.7.5, 4.8.2 and 5.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1377105",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1377105"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32228",
"datePublished": "2022-09-23T18:28:13",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:39:49.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-1000493
Vulnerability from cvelistv5
Published
2018-01-03 01:00
Modified
2024-08-05 22:00
Severity ?
EPSS score ?
Summary
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
References
| ▼ | URL | Tags |
|---|---|---|
| http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html | x_refsource_MISC | |
| https://github.com/RocketChat/Rocket.Chat/pull/8408 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/8408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-12-29T00:00:00",
"datePublic": "2017-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-23T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/8408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-12-29",
"ID": "CVE-2017-1000493",
"REQUESTER": "security@rocket.chat",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html",
"refsource": "MISC",
"url": "http://blog.sbarbeau.fr/2018/03/nosql-injection-leading-to.html"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/pull/8408",
"refsource": "CONFIRM",
"url": "https://github.com/RocketChat/Rocket.Chat/pull/8408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000493",
"datePublished": "2018-01-03T01:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T22:00:41.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35247
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
A information disclosure vulnerability exists in Rocket.chat <v5, <v4.8.2 and <v4.7.5 where the lack of ACL checks in the getRoomRoles Meteor method leak channel members with special roles to unauthorized clients.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1447440 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in versions 4.7.5, 4.8,2 and 5.0.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1447440"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in versions 4.7.5, 4.8,2 and 5.0.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A information disclosure vulnerability exists in Rocket.chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 where the lack of ACL checks in the getRoomRoles Meteor method leak channel members with special roles to unauthorized clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:13",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1447440"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-35247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in versions 4.7.5, 4.8,2 and 5.0.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A information disclosure vulnerability exists in Rocket.chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 where the lack of ACL checks in the getRoomRoles Meteor method leak channel members with special roles to unauthorized clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1447440",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1447440"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-35247",
"datePublished": "2022-09-23T18:28:13",
"dateReserved": "2022-07-06T00:00:00",
"dateUpdated": "2024-08-03T09:29:17.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-46935
Vulnerability from cvelistv5
Published
2024-09-24 00:00
Modified
2024-09-24 19:11
Severity ?
EPSS score ?
Summary
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46935",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T19:11:00.773136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T19:11:08.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T18:39:03.104141",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RocketChat/Rocket.Chat/pull/33227"
},
{
"url": "https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-46935",
"datePublished": "2024-09-24T00:00:00",
"dateReserved": "2024-09-15T00:00:00",
"dateUpdated": "2024-09-24T19:11:08.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32219
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v4.7.5 which allowed the "users.list" REST endpoint gets a query parameter from JSON and runs Users.find(queryFromClientSide). This means virtually any authenticated user can access any data (except password hashes) of any user authenticated.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1140631 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: fixed in 4.7.5> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:55.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1140631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "fixed in 4.7.5\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv4.7.5 which allowed the \"users.list\" REST endpoint gets a query parameter from JSON and runs Users.find(queryFromClientSide). This means virtually any authenticated user can access any data (except password hashes) of any user authenticated."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:14",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1140631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "fixed in 4.7.5\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv4.7.5 which allowed the \"users.list\" REST endpoint gets a query parameter from JSON and runs Users.find(queryFromClientSide). This means virtually any authenticated user can access any data (except password hashes) of any user authenticated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1140631",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1140631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32219",
"datePublished": "2022-09-23T18:28:14",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:32:55.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-23911
Vulnerability from cvelistv5
Published
2023-03-10 00:00
Modified
2025-02-28 17:04
Severity ?
EPSS score ?
Summary
An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: fixed version => 6.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:26.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1757663"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T17:04:21.276061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T17:04:35.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "fixed version =\u003e 6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control - Generic (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-10T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1757663"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-23911",
"datePublished": "2023-03-10T00:00:00.000Z",
"dateReserved": "2023-01-19T00:00:00.000Z",
"dateUpdated": "2025-02-28T17:04:35.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-26763
Vulnerability from cvelistv5
Published
2021-07-05 14:49
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
The Rocket.Chat desktop application 2.17.11 opens external links without user interaction.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:03:21.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Rocket.Chat desktop application 2.17.11 opens external links without user interaction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-05T14:49:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26763",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Rocket.Chat desktop application 2.17.11 opens external links without user interaction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat.Electron/pull/1710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26763",
"datePublished": "2021-07-05T14:49:09",
"dateReserved": "2020-10-07T00:00:00",
"dateUpdated": "2024-08-04T16:03:21.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13878
Vulnerability from cvelistv5
Published
2018-07-11 01:00
Modified
2024-09-17 01:20
Severity ?
EPSS score ?
Summary
An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) in a channel or private chat. Consequently, it is possible to exfiltrate the secret token of every user and also admins in the channel.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/RocketChat/Rocket.Chat/pull/10793 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:14:47.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/10793"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) in a channel or private chat. Consequently, it is possible to exfiltrate the secret token of every user and also admins in the channel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T01:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/10793"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-13878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) in a channel or private chat. Consequently, it is possible to exfiltrate the secret token of every user and also admins in the channel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RocketChat/Rocket.Chat/pull/10793",
"refsource": "CONFIRM",
"url": "https://github.com/RocketChat/Rocket.Chat/pull/10793"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-13878",
"datePublished": "2018-07-11T01:00:00Z",
"dateReserved": "2018-07-10T00:00:00Z",
"dateUpdated": "2024-09-17T01:20:43.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28316
Vulnerability from cvelistv5
Published
2023-05-09 00:00
Modified
2025-01-28 20:38
Severity ?
EPSS score ?
Summary
A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/992280 |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in 6.0> and back-ported accordingly to our supported versions. Check https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions for more info |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/992280"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T20:38:17.004789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T20:38:20.621Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 6.0\u003e and back-ported accordingly to our supported versions. Check https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions for more info"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "Session Fixation (CWE-384)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/992280"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28316",
"datePublished": "2023-05-09T00:00:00.000Z",
"dateReserved": "2023-03-14T00:00:00.000Z",
"dateUpdated": "2025-01-28T20:38:20.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-8288
Vulnerability from cvelistv5
Published
2021-01-21 19:13
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/899954 | x_refsource_MISC | |
| https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/ | x_refsource_MISC | |
| https://docs.rocket.chat/guides/security/security-updates | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat server |
Version: Fixed in 3.9.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/899954"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 3.9.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site Scripting (XSS) - Stored (CWE-79)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-21T19:13:16",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/899954"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat server",
"version": {
"version_data": [
{
"version_value": "Fixed in 3.9.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The `specializedRendering` function in Rocket.Chat server before 3.9.2 allows a cross-site scripting (XSS) vulnerability by way of the `value` parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/899954",
"refsource": "MISC",
"url": "https://hackerone.com/reports/899954"
},
{
"name": "https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/",
"refsource": "MISC",
"url": "https://rocket.chat/xss-vulnerability-hotfix-available-for-all-affected-versions/"
},
{
"name": "https://docs.rocket.chat/guides/security/security-updates",
"refsource": "MISC",
"url": "https://docs.rocket.chat/guides/security/security-updates"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8288",
"datePublished": "2021-01-21T19:13:16",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-37405
Vulnerability from cvelistv5
Published
2024-07-12 15:41
Modified
2024-08-02 03:50
Severity ?
EPSS score ?
Summary
Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken (pre-authentication) and livechat:loadHistory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rocket.Chat | Rocket.Chat |
Version: 6.10.0 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rocket.chat:rocket.chat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rocket.chat",
"vendor": "rocket.chat",
"versions": [
{
"lessThan": "6.10.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37405",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T15:02:45.719813Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T15:08:43.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:56.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/2580062"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Rocket.Chat",
"vendor": "Rocket.Chat",
"versions": [
{
"lessThan": "6.10.0",
"status": "affected",
"version": "6.10.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken (pre-authentication) and livechat:loadHistory."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T15:41:03.461Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/2580062"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-37405",
"datePublished": "2024-07-12T15:41:03.461Z",
"dateReserved": "2024-06-08T01:04:07.093Z",
"dateUpdated": "2024-08-02T03:50:56.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28358
Vulnerability from cvelistv5
Published
2023-05-11 00:00
Modified
2025-01-27 16:55
Severity ?
EPSS score ?
Summary
A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: This issue has been fixed in version 6.0> and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:24.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1781131"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T16:53:50.631896Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T16:55:11.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "This issue has been fixed in version 6.0\u003e and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the \"Search Messages\" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site Scripting (XSS) - Stored (CWE-79)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-11T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1781131"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28358",
"datePublished": "2023-05-11T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-27T16:55:11.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-32832
Vulnerability from cvelistv5
Published
2021-08-30 20:55
Modified
2024-08-03 23:33
Severity ?
EPSS score ?
Summary
Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.rocket.chat/guides/security/security-updates | x_refsource_MISC | |
| https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat/ | x_refsource_CONFIRM | |
| https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3 | x_refsource_MISC | |
| https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RocketChat | Rocket.Chat |
Version: < 3.11.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:55.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "RocketChat",
"versions": [
{
"status": "affected",
"version": "\u003c 3.11.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T20:55:13",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c"
}
],
"source": {
"defect": [
"GHSL-2020-310"
],
"discovery": "INTERNAL"
},
"title": "ReDOS in Rocket.Chat",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32832",
"STATE": "PUBLIC",
"TITLE": "ReDOS in Rocket.Chat"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "\u003c 3.11.3"
}
]
}
}
]
},
"vendor_name": "RocketChat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.rocket.chat/guides/security/security-updates",
"refsource": "MISC",
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat/",
"refsource": "CONFIRM",
"url": "https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat/"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c"
}
]
},
"source": {
"defect": [
"GHSL-2020-310"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32832",
"datePublished": "2021-08-30T20:55:13",
"dateReserved": "2021-05-12T00:00:00",
"dateUpdated": "2024-08-03T23:33:55.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35249
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
A information disclosure vulnerability exists in Rocket.Chat <v5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1410246 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in version 5.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1410246"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in version 5.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A information disclosure vulnerability exists in Rocket.Chat \u003cv5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:12",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1410246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-35249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in version 5.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A information disclosure vulnerability exists in Rocket.Chat \u003cv5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1410246",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1410246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-35249",
"datePublished": "2022-09-23T18:28:12",
"dateReserved": "2022-07-06T00:00:00",
"dateUpdated": "2024-08-03T09:29:17.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22910
Vulnerability from cvelistv5
Published
2021-08-09 12:27
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1130874 | x_refsource_MISC | |
| https://blog.sonarsource.com/nosql-injections-in-rocket-chat/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat server |
Version: Fixed versions: 3.13.2, 3.12.4, 3.11.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1130874"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed versions: 3.13.2, 3.12.4, 3.11.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A sanitization vulnerability exists in Rocket.Chat server versions \u003c3.13.2, \u003c3.12.4, \u003c3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-75",
"description": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-13T20:47:50",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1130874"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat server",
"version": {
"version_data": [
{
"version_value": "Fixed versions: 3.13.2, 3.12.4, 3.11.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A sanitization vulnerability exists in Rocket.Chat server versions \u003c3.13.2, \u003c3.12.4, \u003c3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1130874",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1130874"
},
{
"name": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/",
"refsource": "MISC",
"url": "https://blog.sonarsource.com/nosql-injections-in-rocket-chat/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22910",
"datePublished": "2021-08-09T12:27:46",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:26.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-28208
Vulnerability from cvelistv5
Published
2021-01-08 17:26
Modified
2024-08-04 16:33
Severity ?
EPSS score ?
Summary
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://trovent.io/security-advisory-2010-01 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/01/07/1 | mailing-list, x_refsource_MLIST | |
| http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/01/08/1 | mailing-list, x_refsource_MLIST | |
| https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Jan/32 | mailing-list, x_refsource_FULLDISC | |
| http://www.openwall.com/lists/oss-security/2021/01/13/1 | mailing-list, x_refsource_MLIST | |
| http://seclists.org/fulldisclosure/2021/Jan/43 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:33:58.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trovent.io/security-advisory-2010-01"
},
{
"name": "[oss-security] 20210107 Trovent Security Advisory 2010-01 / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/07/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html"
},
{
"name": "[oss-security] 20210108 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/08/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt"
},
{
"name": "20210112 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/32"
},
{
"name": "[oss-security] 20210113 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/13/1"
},
{
"name": "20210119 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-19T18:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trovent.io/security-advisory-2010-01"
},
{
"name": "[oss-security] 20210107 Trovent Security Advisory 2010-01 / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/07/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html"
},
{
"name": "[oss-security] 20210108 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/08/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt"
},
{
"name": "20210112 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/32"
},
{
"name": "[oss-security] 20210113 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/13/1"
},
{
"name": "20210119 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jan/43"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trovent.io/security-advisory-2010-01",
"refsource": "MISC",
"url": "https://trovent.io/security-advisory-2010-01"
},
{
"name": "[oss-security] 20210107 Trovent Security Advisory 2010-01 / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/01/07/1"
},
{
"name": "http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/160845/Rocket.Chat-3.7.1-Email-Address-Enumeration.html"
},
{
"name": "[oss-security] 20210108 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/01/08/1"
},
{
"name": "https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt",
"refsource": "MISC",
"url": "https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt"
},
{
"name": "20210112 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jan/32"
},
{
"name": "[oss-security] 20210113 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/01/13/1"
},
{
"name": "20210119 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jan/43"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28208",
"datePublished": "2021-01-08T17:26:39",
"dateReserved": "2020-11-04T00:00:00",
"dateUpdated": "2024-08-04T16:33:58.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28357
Vulnerability from cvelistv5
Published
2023-05-11 00:00
Modified
2025-01-27 17:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a username is a member of a channel that they do not have access to.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: This issue has been fixed in version 6.0> and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1445810"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:09:51.564571Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T17:11:35.726Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "This issue has been fixed in version 6.0\u003e and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a member of a given channel, leaking private channel members to unauthorized users. This allows authenticated users to enumerate whether a username is a member of a channel that they do not have access to."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-11T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1445810"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28357",
"datePublished": "2023-05-11T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-27T17:11:35.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-29594
Vulnerability from cvelistv5
Published
2020-12-30 06:17
Modified
2024-08-04 16:55
Severity ?
EPSS score ?
Summary
Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1 | x_refsource_MISC | |
| https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-30T06:17:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/3.9.1"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/compare/3.8.2...3.8.3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29594",
"datePublished": "2020-12-30T06:17:19",
"dateReserved": "2020-12-07T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28359
Vulnerability from cvelistv5
Published
2023-05-11 00:00
Modified
2025-01-27 16:52
Severity ?
EPSS score ?
Summary
A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: This issue has been fixed in version 6.0> and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:24.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1757676"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28359",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T16:51:28.735917Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T16:52:17.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "This issue has been fixed in version 6.0\u003e and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenticated users when there is at least one custom emoji uploaded to the Rocket.Chat instance. The vulnerability causes a delay in the server response, with the potential for limited impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection (CWE-89)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-11T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1757676"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28359",
"datePublished": "2023-05-11T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-01-27T16:52:17.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28318
Vulnerability from cvelistv5
Published
2023-05-09 00:00
Modified
2025-01-28 20:28
Severity ?
EPSS score ?
Summary
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: This issue has been fixed in version 6.0> and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1379451"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28318",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T20:26:57.215562Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T20:28:02.478Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "This issue has been fixed in version 6.0\u003e and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization (CWE-285)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1379451"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28318",
"datePublished": "2023-05-09T00:00:00.000Z",
"dateReserved": "2023-03-14T00:00:00.000Z",
"dateUpdated": "2025-01-28T20:28:02.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-30124
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 06:40
Severity ?
EPSS score ?
Summary
An improper authentication vulnerability exists in Rocket.Chat Mobile App <4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code).
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1126414 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat Mobile app |
Version: 4.14.1.22788 iOS/Android |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1126414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat Mobile app",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "4.14.1.22788 iOS/Android"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability exists in Rocket.Chat Mobile App \u003c4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication - Generic (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:14",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1126414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-30124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat Mobile app",
"version": {
"version_data": [
{
"version_value": "4.14.1.22788 iOS/Android"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper authentication vulnerability exists in Rocket.Chat Mobile App \u003c4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication (PIN code)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication - Generic (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1126414",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1126414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-30124",
"datePublished": "2022-09-23T18:28:14",
"dateReserved": "2022-05-02T00:00:00",
"dateUpdated": "2024-08-03T06:40:47.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32227
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1517377 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in versions 4.7.5, 4.8.2, 5.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:49.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1517377"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in versions 4.7.5, 4.8.2, 5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cleartext transmission of sensitive information exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 relating to Oauth tokens by having the permission \"view-full-other-user-info\", this could cause an oauth token leak in the product."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Cleartext Transmission of Sensitive Information (CWE-319)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:13",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1517377"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in versions 4.7.5, 4.8.2, 5.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cleartext transmission of sensitive information exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 relating to Oauth tokens by having the permission \"view-full-other-user-info\", this could cause an oauth token leak in the product."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Transmission of Sensitive Information (CWE-319)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1517377",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1517377"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32227",
"datePublished": "2022-09-23T18:28:13",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:39:49.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35251
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
A cross-site scripting vulnerability exists in Rocket.chat <v5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are stored in messages, it is a persistent attack vector, which will trigger as soon as the message gets viewed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1401268 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.chat |
Version: Fixed in 5.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1401268"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 5.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting vulnerability exists in Rocket.chat \u003cv5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are stored in messages, it is a persistent attack vector, which will trigger as soon as the message gets viewed."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site Scripting (XSS) - Stored (CWE-79)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:12",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1401268"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-35251",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.chat",
"version": {
"version_data": [
{
"version_value": "Fixed in 5.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting vulnerability exists in Rocket.chat \u003cv5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are stored in messages, it is a persistent attack vector, which will trigger as soon as the message gets viewed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1401268",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1401268"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-35251",
"datePublished": "2022-09-23T18:28:12",
"dateReserved": "2022-07-06T00:00:00",
"dateUpdated": "2024-08-03T09:29:17.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32211
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1581059 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in 3.18.6, 4.4.4 and 4.7.3> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:55.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1581059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 3.18.6, 4.4.4 and 4.7.3\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability exists in Rocket.Chat \u003cv3.18.6, \u003cv4.4.4 and \u003cv4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection (CWE-89)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:14",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1581059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in 3.18.6, 4.4.4 and 4.7.3\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability exists in Rocket.Chat \u003cv3.18.6, \u003cv4.4.4 and \u003cv4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection (CWE-89)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1581059",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1581059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32211",
"datePublished": "2022-09-23T18:28:14",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:32:55.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32217
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1394399 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.chat |
Version: fixed in 4.6.4> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:55.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1394399"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "fixed in 4.6.4\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage of sensitive information exists in Rocket.Chat \u003cv4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "Cleartext Storage of Sensitive Information (CWE-312)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:14",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1394399"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.chat",
"version": {
"version_data": [
{
"version_value": "fixed in 4.6.4\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cleartext storage of sensitive information exists in Rocket.Chat \u003cv4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Storage of Sensitive Information (CWE-312)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1394399",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1394399"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32217",
"datePublished": "2022-09-23T18:28:14",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:32:55.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-17220
Vulnerability from cvelistv5
Published
2019-10-21 20:12
Modified
2024-08-05 01:33
Severity ?
EPSS score ?
Summary
Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.nezami.me/ | x_refsource_MISC | |
| https://github.com/RocketChat/Rocket.Chat/releases | x_refsource_MISC | |
| https://github.com/RocketChat/Rocket.Chat/commits/develop | x_refsource_MISC | |
| http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nezami.me/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-23T19:06:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nezami.me/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/releases"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nezami.me/",
"refsource": "MISC",
"url": "https://www.nezami.me/"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/releases",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/releases"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/commits/develop",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"name": "http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154944/Rocket.Chat-2.1.0-Cross-Site-Scripting.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17220",
"datePublished": "2019-10-21T20:12:50",
"dateReserved": "2019-10-06T00:00:00",
"dateUpdated": "2024-08-05T01:33:17.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13879
Vulnerability from cvelistv5
Published
2018-07-11 01:00
Modified
2024-09-17 03:33
Severity ?
EPSS score ?
Summary
A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username unescaped via packages/rocketchat-ui-login/client/username/username.js in packages/rocketchat-ui-login/client/username/username.html.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/RocketChat/Rocket.Chat/issues/10795 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:14:47.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/issues/10795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username unescaped via packages/rocketchat-ui-login/client/username/username.js in packages/rocketchat-ui-login/client/username/username.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T01:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RocketChat/Rocket.Chat/issues/10795"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-13879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control characters but an error will be displayed that shows the attempted username unescaped via packages/rocketchat-ui-login/client/username/username.js in packages/rocketchat-ui-login/client/username/username.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RocketChat/Rocket.Chat/issues/10795",
"refsource": "CONFIRM",
"url": "https://github.com/RocketChat/Rocket.Chat/issues/10795"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-13879",
"datePublished": "2018-07-11T01:00:00Z",
"dateReserved": "2018-07-10T00:00:00Z",
"dateUpdated": "2024-09-17T03:33:02.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32229
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
A information disclosure vulnerability exists in Rockert.Chat <v5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1446767 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in version 5.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:49.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1446767"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in version 5.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A information disclosure vulnerability exists in Rockert.Chat \u003cv5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:13",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1446767"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32229",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in version 5.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A information disclosure vulnerability exists in Rockert.Chat \u003cv5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1446767",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1446767"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32229",
"datePublished": "2022-09-23T18:28:13",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:39:49.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35250
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
A privilege escalation vulnerability exists in Rocket.chat <v5 which made it possible to elevate privileges for any authenticated user to view Direct messages without appropriate permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/917946 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.chat |
Version: Fixed in 5.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/917946"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 5.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability exists in Rocket.chat \u003cv5 which made it possible to elevate privileges for any authenticated user to view Direct messages without appropriate permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation (CAPEC-233)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:12",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/917946"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-35250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.chat",
"version": {
"version_data": [
{
"version_value": "Fixed in 5.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privilege escalation vulnerability exists in Rocket.chat \u003cv5 which made it possible to elevate privileges for any authenticated user to view Direct messages without appropriate permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation (CAPEC-233)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/917946",
"refsource": "MISC",
"url": "https://hackerone.com/reports/917946"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-35250",
"datePublished": "2022-09-23T18:28:12",
"dateReserved": "2022-07-06T00:00:00",
"dateUpdated": "2024-08-03T09:29:17.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32220
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1410246 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: fixed in 5.0.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1410246"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "fixed in 5.0.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:14",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1410246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "fixed in 5.0.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1410246",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1410246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32220",
"datePublished": "2022-09-23T18:28:14",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:32:56.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22892
Vulnerability from cvelistv5
Published
2021-05-27 11:14
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 & v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1089116 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat server |
Version: Fixed versions: 3.13, 3.12.2, 3.11.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1089116"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed versions: 3.13, 3.12.2, 3.11.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 \u0026 v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-27T11:14:43",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1089116"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat server",
"version": {
"version_data": [
{
"version_value": "Fixed versions: 3.13, 3.12.2, 3.11.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 \u0026 v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1089116",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1089116"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22892",
"datePublished": "2021-05-27T11:14:43",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:25.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-8291
Vulnerability from cvelistv5
Published
2021-10-18 12:48
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/RocketChat/Rocket.Chat/pull/19854 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat server |
Version: Fixed versions: 3.10, 3.9.4, 3.8.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/19854"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed versions: 3.10, 3.9.4, 3.8.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site Scripting (XSS) - Stored (CWE-79)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-18T12:48:17",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/19854"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat server",
"version": {
"version_data": [
{
"version_value": "Fixed versions: 3.10, 3.9.4, 3.8.5"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RocketChat/Rocket.Chat/pull/19854",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/pull/19854"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8291",
"datePublished": "2021-10-18T12:48:17",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-22886
Vulnerability from cvelistv5
Published
2021-03-26 18:15
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. This flaw leads to arbitrary file read and RCE on Rocket.Chat desktop app.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.rocket.chat/guides/security/security-updates | x_refsource_MISC | |
| https://hackerone.com/reports/1014459 | x_refsource_MISC | |
| https://github.com/RocketChat/Rocket.Chat/pull/20430 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in 3.11, 3.10.5, 3.9.7, 3.8.8 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:24.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1014459"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/20430"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 3.11, 3.10.5, 3.9.7, 3.8.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. This flaw leads to arbitrary file read and RCE on Rocket.Chat desktop app."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site Scripting (XSS) - Stored (CWE-79)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-26T18:15:54",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1014459"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/20430"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat ",
"version": {
"version_data": [
{
"version_value": "Fixed in 3.11, 3.10.5, 3.9.7, 3.8.8"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. This flaw leads to arbitrary file read and RCE on Rocket.Chat desktop app."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.rocket.chat/guides/security/security-updates",
"refsource": "MISC",
"url": "https://docs.rocket.chat/guides/security/security-updates"
},
{
"name": "https://hackerone.com/reports/1014459",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1014459"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/pull/20430",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/pull/20430"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22886",
"datePublished": "2021-03-26T18:15:54",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:24.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39713
Vulnerability from cvelistv5
Published
2024-08-05 04:26
Modified
2024-09-06 16:32
Severity ?
EPSS score ?
Summary
A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rocket.Chat | Rocket.Chat |
Version: 6.10.1 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rocket.chat",
"vendor": "rocket.chat",
"versions": [
{
"lessThan": "6.10.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T15:54:31.542275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T16:32:07.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Rocket.Chat",
"vendor": "Rocket.Chat",
"versions": [
{
"lessThan": "6.10.1",
"status": "affected",
"version": "6.10.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) affects Rocket.Chat\u0027s Twilio webhook endpoint before version 6.10.1."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T04:26:06.959Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1886954"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-39713",
"datePublished": "2024-08-05T04:26:06.959Z",
"dateReserved": "2024-06-28T01:04:08.821Z",
"dateUpdated": "2024-09-06T16:32:07.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-15926
Vulnerability from cvelistv5
Published
2020-08-18 20:50
Modified
2024-08-04 13:30
Severity ?
EPSS score ?
Summary
Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/RocketChat/Rocket.Chat/commits/develop | x_refsource_MISC | |
| https://github.com/RocketChat/Rocket.Chat/pull/18356 | x_refsource_MISC | |
| https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:30:23.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/18356"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-18T20:50:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RocketChat/Rocket.Chat/pull/18356"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-15926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/RocketChat/Rocket.Chat/commits/develop",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/commits/develop"
},
{
"name": "https://github.com/RocketChat/Rocket.Chat/pull/18356",
"refsource": "MISC",
"url": "https://github.com/RocketChat/Rocket.Chat/pull/18356"
},
{
"name": "https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html",
"refsource": "MISC",
"url": "https://blog.redteam.pl/2020/08/rocket-chat-xss-rce-cve-2020-15926.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15926",
"datePublished": "2020-08-18T20:50:27",
"dateReserved": "2020-07-24T00:00:00",
"dateUpdated": "2024-08-04T13:30:23.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32218
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1406953 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.chat |
Version: Fixed in 4.7.5, 4.8.2 and 5.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1406953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 4.7.5, 4.8.2 and 5.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:13",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1406953"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.chat",
"version": {
"version_data": [
{
"version_value": "Fixed in 4.7.5, 4.8.2 and 5.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1406953",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1406953"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32218",
"datePublished": "2022-09-23T18:28:13",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:32:56.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28325
Vulnerability from cvelistv5
Published
2023-05-11 00:00
Modified
2025-01-27 16:59
Severity ?
EPSS score ?
Summary
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: This issue has been fixed in version 6.0> and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:24.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1406479"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T16:57:56.856414Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T16:59:31.005Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "This issue has been fixed in version 6.0\u003e and is backported for the supported versions. Check this document for more info: https://docs.rocket.chat/resources/get-support/enterprise-support#rocket.chat-versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper authorization vulnerability exists in Rocket.Chat \u003c6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization (CWE-285)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-11T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1406479"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28325",
"datePublished": "2023-05-11T00:00:00.000Z",
"dateReserved": "2023-03-14T00:00:00.000Z",
"dateUpdated": "2025-01-27T16:59:31.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35246
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1458020 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in versions 4.7.5, 4.8.2 and 5.0> |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1458020"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in versions 4.7.5, 4.8.2 and 5.0\u003e"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Disclosure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:12",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1458020"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-35246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in versions 4.7.5, 4.8.2 and 5.0\u003e"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1458020",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1458020"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-35246",
"datePublished": "2022-09-23T18:28:12",
"dateReserved": "2022-07-06T00:00:00",
"dateUpdated": "2024-08-03T09:29:17.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44567
Vulnerability from cvelistv5
Published
2022-12-23 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
A command injection vulnerability exists in Rocket.Chat-Desktop <3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.chat - Electron Desktop |
Version: fixed in => v3.8.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:03.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1781102"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.chat - Electron Desktop",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "fixed in =\u003e v3.8.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in Rocket.Chat-Desktop \u003c3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal(), which may lead to remote code execution (internalVideoChatWindow.ts#L17). To exploit the vulnerability, the internal video chat window must be disabled or a Mac App Store build must be used (internalVideoChatWindow.ts#L14). The vulnerability may be exploited by an XSS attack because the function openInternalVideoChatWindow is exposed in the Rocket.Chat-Desktop-API."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection (CWE-78)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-23T00:00:00",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1781102"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-44567",
"datePublished": "2022-12-23T00:00:00",
"dateReserved": "2022-11-01T00:00:00",
"dateUpdated": "2024-08-03T13:54:03.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-47048
Vulnerability from cvelistv5
Published
2024-09-24 00:00
Modified
2024-09-24 19:08
Severity ?
EPSS score ?
Summary
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T19:08:29.784020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T19:08:45.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the description and release notes of the marketplace and private apps."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T18:40:04.048952",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/RocketChat/Rocket.Chat/pull/33246"
},
{
"url": "https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-47048",
"datePublished": "2024-09-24T00:00:00",
"dateReserved": "2024-09-17T00:00:00",
"dateUpdated": "2024-09-24T19:08:45.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32226
Vulnerability from cvelistv5
Published
2022-09-23 18:28
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
An improper access control vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room.
References
| ▼ | URL | Tags |
|---|---|---|
| https://hackerone.com/reports/1410357 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.Chat |
Version: Fixed in 4.7.5, 4.8.2 and 5.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:49.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1410357"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.Chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 4.7.5, 4.8.2 and 5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control - Generic (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:28:13",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1410357"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2022-32226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rocket.Chat",
"version": {
"version_data": [
{
"version_value": "Fixed in 4.7.5, 4.8.2 and 5.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability exists in Rocket.Chat \u003cv5, \u003cv4.8.2 and \u003cv4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control - Generic (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1410357",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1410357"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32226",
"datePublished": "2022-09-23T18:28:13",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-08-03T07:39:49.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-45621
Vulnerability from cvelistv5
Published
2024-09-02 00:00
Modified
2024-09-03 15:11
Severity ?
EPSS score ?
Summary
The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external actions from PDF documents.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:11:17.564473Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:11:25.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external actions from PDF documents."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-02T18:45:42.577285",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://hackerone.com/reports/1967109"
},
{
"url": "https://github.com/RocketChat/Rocket.Chat/releases/tag/6.3.4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45621",
"datePublished": "2024-09-02T00:00:00",
"dateReserved": "2024-09-02T00:00:00",
"dateUpdated": "2024-09-03T15:11:25.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-23917
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-02 10:42
Severity ?
EPSS score ?
Summary
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may increase the impact of XSS to RCE which is dangerous for self-hosted users as well.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rocket.chat |
Version: Fixed Version => 5.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1631258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rocket.chat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed Version =\u003e 5.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A prototype pollution vulnerability exists in Rocket.Chat server \u003c5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may increase the impact of XSS to RCE which is dangerous for self-hosted users as well."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection - Generic (CWE-77)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-23T00:00:00",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1631258"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-23917",
"datePublished": "2023-02-23T00:00:00",
"dateReserved": "2023-01-19T00:00:00",
"dateUpdated": "2024-08-02T10:42:27.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}