{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2476", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "state": "PUBLISHED", "assignerShortName": "Mattermost", "dateReserved": "2026-02-13T15:59:24.864Z", "datePublished": "2026-03-16T11:11:07.387Z", "dateUpdated": "2026-03-16T13:49:58.500Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mattermost", "vendor": "Mattermost", "versions": [{"lessThanOrEqual": "2.0.3", "status": "affected", "version": "0", "versionType": "semver"}, {"version": "2.3.1.0", "status": "unaffected"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Yash-Chakerverti"}], "descriptions": [{"lang": "en", "value": "Mattermost Plugins versions <=2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606"}], "metrics": [{"cvssV3_1": {"attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE", "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", "baseSeverity": "HIGH", "baseScore": 7.6}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200"}]}], "references": [{"url": "https://mattermost.com/security-updates", "name": "MMSA-2026-00606", "tags": ["vendor-advisory"]}], "solutions": [{"value": "Update Mattermost Plugins to versions 2.3.1.0 or higher.", "lang": "en"}], "source": {"advisory": "MMSA-2026-00606", "defect": ["https://mattermost.atlassian.net/browse/MM-67533"], "discovery": "EXTERNAL"}, "title": "MS Teams plugin sensitive config values not properly masked in support packets", "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2026-03-16T11:11:07.387Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2476", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T13:42:55.950049Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T13:49:58.500Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2476", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T13:42:55.950049Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T13:44:21.926Z"}}], "cna": {"title": "MS Teams plugin sensitive config values not properly masked in support packets", "source": {"defect": ["https://mattermost.atlassian.net/browse/MM-67533"], "advisory": "MMSA-2026-00606", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Yash-Chakerverti"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Mattermost", "product": "Mattermost", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.0.3"}, {"status": "unaffected", "version": "2.3.1.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Mattermost Plugins to versions 2.3.1.0 or higher."}], "references": [{"url": "https://mattermost.com/security-updates", "name": "MMSA-2026-00606", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "Mattermost Plugins versions <=2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "shortName": "Mattermost", "dateUpdated": "2026-03-16T11:11:07.387Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2476", "state": "PUBLISHED", "dateUpdated": "2026-03-16T13:49:58.500Z", "dateReserved": "2026-02-13T15:59:24.864Z", "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee", "datePublished": "2026-03-16T11:11:07.387Z", "assignerShortName": "Mattermost"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mattermost:ms_teams:*:*:*:*:*:mattermost:*:*", "matchCriteriaId": "7A937D4F-6200-46BF-8193-CD5DDB4B5E6C", "versionEndExcluding": "2.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mattermost Plugins versions <=2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606"}, {"lang": "es", "value": "Las versiones &lt;=2.0.3.0 de los plugins de Mattermost no logran enmascarar correctamente los valores de configuraci\u00f3n sensibles, lo que permite a un atacante con acceso a los paquetes de soporte obtener la configuraci\u00f3n original del plugin a trav\u00e9s de datos de configuraci\u00f3n exportados. ID de Aviso de Mattermost: MMSA-2026-00606"}], "id": "CVE-2026-2476", "lastModified": "2026-03-20T18:29:11.980", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.7, "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-16T14:19:30.373", "references": [{"source": "responsibledisclosure@mattermost.com", "tags": ["Vendor Advisory"], "url": "https://mattermost.com/security-updates"}], "sourceIdentifier": "responsibledisclosure@mattermost.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "responsibledisclosure@mattermost.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["mattermost"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Mattermost", "source": "cna", "vendor": "Mattermost"}, "product": "ms_teams", "vendor": "mattermost"}], "analysis": {"en": {"generated_at": "2026-03-20T19:27:46.720580+00:00", "value": {"mitigation_remediation": ["Update Mattermost Plugins to version 2.3.1.0 or higher", "Verify plugin version after update", "If immediate update is unavailable, limit access to support packets and remove sensitive configuration values before exporting", "Monitor for any unmasked configuration data being exported"], "summary": {"action": "Immediate Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "Mattermost\u2019s MS Teams plugins, specifically any installations running versions 2.0.3.0 or earlier, are affected. The issue impacts the Mattermost product as a whole, as the plugin configuration is part of its exported support data.", "description_and_impact": "The vulnerability resides in Mattermost Teams plugins up to version 2.0.3.0, where sensitive configuration values are not properly masked before being exported in support packets. An attacker who can access these packets can retrieve the original plugin settings, potentially exposing credentials, tokens, or other confidential data. The weakness belongs to the CWE-200 class, emphasizing unauthorized disclosure of information.", "risk_and_exploitability": "The CVSS score of 7.6 indicates high severity, while an EPSS score below 1% suggests low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog, implying no known widespread exploitation yet. The attack vector is inferred to be local or remote depending on an attacker\u2019s ability to obtain support packets, which generally requires privileged access or a supply chain compromise. Once the packet is accessed, the attacker can read the unmasked settings, leading to potential credential compromise and further attacks."}}}}, "created": "2026-03-24T10:44:59.551920+00:00", "updated": "2026-03-30T07:02:48.162417+00:00", "vendors": ["mattermost", "mattermost$PRODUCT$ms_teams"]}