PT-2020-10815 · Mattermost · Mattermost Mobile Apps

Published

2020-06-19

Updated

2021-07-21

CVE-2019-20852

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mattermost Mobile Apps versions prior to 1.26.0

Description An issue was discovered where local logging is not blocked for sensitive information, such as server addresses or message content.

Recommendations For versions prior to 1.26.0, update to version 1.26.0 or later to resolve the issue. As a temporary workaround, consider restricting access to local logs to minimize the risk of sensitive information exposure.

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

CVE-2019-20852

Affected Products

Mattermost Mobile Apps

PT-2020-10815 · Mattermost · Mattermost Mobile Apps

CVE-2019-20852

Weakness Enumeration

Related Identifiers

Affected Products

References · 4