Improper Preservation of Permissions
CVE-2019-20846
Summary
An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
CWE-281 - Improper Preservation of Permissions
The software does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
References
Advisory Timeline
- Published