Defense Ops Debates: Breach Lessons

Security Vulnerability in 0.57.3, 0.58.3 and below

January 17, 2018

·

min read

All users are advised to upgrade Rocket.Chat Server to 0.57.4, 0.58.4, 0.59.0 or greater.Rocket.Chat Server version 0.58.3, 0.57.3 and prior versions are vulnerable to a NoSQL injection which can lead to an administrator account takeover.Thank you to Steeve Barbeau for identifying and reporting the vulnerability. The details of the vulnerability will be shared in a future update.If you have any questions, concerns or require advice please contact security@rocket.chat or chat to us on https://open.rocket.chat/channel/support.Nick van den Berg

Frequently asked questions about <anything>

Gabriel Engel is the CEO and co-founder of Rocket.Chat, the leading open source communications platform.

Gabriel Engel

Related Article:

Team collaboration: 5 reasons to improve it and 6 ways to master it

Want to collaborate securely with your team?

Deploy Rocket.Chat on-premise or in the cloud and keep your conversations private.

Digital sovereignty
Federation capabilities
Scalable and white-labeled

Looking for a HIPAA-ready communications platform?

Enable patients and healthcare providers to securely communicate without exposing their data.

Highly scalable and secure
Full patient conversation history
HIPAA-ready

The #1 communications platform for government

Deploy Rocket.Chat on-premise, in the cloud, or air-gapped environment.

Secure data governance and digital sovereignty
Trusted by State, Local, and Federal agencies across the world
Matrix federation capabilities for cross-agency communication

Want to customize Rocket.Chat according to your own preferences?

See behind the engine and change the code how you see fit.

Open source code
Highly secure and scalable
Unmatched flexibility

Looking for a secure collaboration platform?

Keep your conversations private while enjoying a seamless collaboration experience with Rocket.Chat.

End-to-end encryption
Cloud or on-prem deployment
Supports compliance with HIPAA, GDPR, FINRA, and more

Want to build a highly secure in-app chat experience?

Use Rocket.Chat’s APIs, frameworks, and managed backend to build a secure in-app or live chat experience for your customers.

Supports compliance with HIPAA, GDPR, FINRA, and more
Highly secure and flexible
On-prem or cloud deployment

Relevant articles

Product Updates

A new chapter for Federation at Rocket.Chat: The shift to a native solution

Product Updates

Product Roundup: What’s new in Rocket.Chat 7.6

Product Updates

Rocket.Chat achieves AWS ISV Accelerate Certification

Product Updates

Product Roundup: What’s new in Rocket.Chat 7.5

Our best content, once a week

Share this on: