From e90313fdcbd09a98b1f16659e2d5b63dcc7abea3 Mon Sep 17 00:00:00 2001
From: David Black <dblack@atlassian.com>
Date: Wed, 16 May 2018 13:28:43 +1000
Subject: [PATCH] Add CVE-2018-5231

---
 2018/5xxx/CVE-2018-5231.json | 90 +++++++++++++++++++++++++++++++-----
 1 file changed, 79 insertions(+), 11 deletions(-)

diff --git a/2018/5xxx/CVE-2018-5231.json b/2018/5xxx/CVE-2018-5231.json
index 5ace527ea6c..28f113ff023 100644
--- a/2018/5xxx/CVE-2018-5231.json
+++ b/2018/5xxx/CVE-2018-5231.json
@@ -1,17 +1,85 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2018-5231",
-      "STATE" : "RESERVED"
+   "CVE_data_meta": {
+      "ASSIGNER": "security@atlassian.com",
+      "DATE_PUBLIC": "2018-05-16T00:00:00",
+      "ID": "CVE-2018-5231",
+      "STATE": "PUBLIC"
    },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
+   "affects": {
+      "vendor": {
+         "vendor_data": [
+            {
+               "product": {
+                  "product_data": [
+                     {
+                        "product_name": "Jira",
+                        "version": {
+                           "version_data": [
+                              {
+                                 "version_value": "7.6.6",
+                                 "version_affected": "<"
+                              },
+                              {
+                                 "version_value": "7.7.0",
+                                 "version_affected": ">="
+                              },
+                              {
+                                 "version_value": "7.7.4",
+                                 "version_affected": "<"
+                              },
+                              {
+                                 "version_value": "7.8.0",
+                                 "version_affected": ">="
+                              },
+                              {
+                                 "version_value": "7.8.4",
+                                 "version_affected": "<"
+                              },
+                              {
+                                 "version_value": "7.9.0",
+                                 "version_affected": ">="
+                              },
+                              {
+                                 "version_value": "7.9.2",
+                                 "version_affected": "<"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name": "Atlassian"
+            }
+         ]
+      }
+   },
+   "data_format": "MITRE",
+   "data_type": "CVE",
+   "data_version": "4.0",
+   "description": {
+      "description_data": [
          {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "lang": "eng",
+            "value": "The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests to it."
+         }
+      ]
+   },
+   "problemtype": {
+      "problemtype_data": [
+         {
+            "description": [
+               {
+                  "lang": "eng",
+                  "value": "Denial of Service"
+               }
+            ]
+         }
+      ]
+   },
+   "references": {
+      "reference_data": [
+         {
+            "url": "https://jira.atlassian.com/browse/JRASERVER-67290"
          }
       ]
    }