Information Disclosure Vulnerability in Mattermost Server Allows 2FA Status Enumeration
CVE-2019-20877 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attackers to obtain sensitive information about whether someone has 2FA enabled.
Learn more about our Cis Benchmark Audit For Server Software.