cvelist/2018/13xxx/CVE-2018-13400.json

{
    "CVE_data_meta": {
        "ASSIGNER": "security@atlassian.com",
        "DATE_PUBLIC": "2018-10-23T00:00:00",
        "ID": "CVE-2018-13400",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Jira",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.6.9"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.7.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.7.5"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.8.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.8.5"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.9.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.9.3"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.10.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.10.3"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.11.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.11.3"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.12.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.12.3"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.13.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.13.1"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Atlassian"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Improper Access Control"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://jira.atlassian.com/browse/JRASERVER-68138",
                "refsource": "CONFIRM",
                "url": "https://jira.atlassian.com/browse/JRASERVER-68138"
            },
            {
                "name": "105751",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/105751"
            }
        ]
    }
}
- Synchronized data. 2018-07-06 10:04:23 -04:00			`{`
"-Synchronized-Data." 2019-03-17 21:48:18 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "security@atlassian.com",`
			`"DATE_PUBLIC": "2018-10-23T00:00:00",`
			`"ID": "CVE-2018-13400",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Jira",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.6.9"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.7.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.7.5"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.8.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.8.5"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.9.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.9.3"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.10.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.10.3"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.11.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.11.3"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.12.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.12.3"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.13.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.13.1"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Atlassian"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
Add CVE-2018-13400 CVE-2018-13401 CVE-2018-13402 2018-10-23 12:04:29 +11:00			`{`
"-Synchronized-Data." 2019-03-17 21:48:18 +00:00			`"lang": "eng",`
			"value": "Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
Add CVE-2018-13400 CVE-2018-13401 CVE-2018-13402 2018-10-23 12:04:29 +11:00			`}`
"-Synchronized-Data." 2019-03-17 21:48:18 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Improper Access Control"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://jira.atlassian.com/browse/JRASERVER-68138",`
			`"refsource": "CONFIRM",`
			`"url": "https://jira.atlassian.com/browse/JRASERVER-68138"`
			`},`
			`{`
			`"name": "105751",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/105751"`
			`}`
			`]`
			`}`
			`}`