Executive Summary

Mattermost Desktop App versions prior to 6.0.0 do not properly sanitize sensitive information from application logs and fail to clear data when a server is deleted. This flaw allows an attacker who has access to the user's system to read the application logs and potentially obtain sensitive information.

Useful 0 Not Useful 0

Impact Analysis

An attacker with access to your system could exploit this vulnerability to read Mattermost application logs that contain sensitive information. This could lead to unauthorized disclosure of sensitive data stored in the logs.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, update the Mattermost Desktop App to version 6.0.0 or later, as versions prior to 6.0.0 fail to sanitize sensitive information from logs and do not clear data on server deletion. Additionally, restrict access to the user's system to prevent unauthorized access to application logs.

Useful 0 Not Useful 0