mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
134 lines
4.2 KiB
JSON
134 lines
4.2 KiB
JSON
{
|
|
"id": "CVE-2018-5231",
|
|
"sourceIdentifier": "security@atlassian.com",
|
|
"published": "2018-05-16T13:29:00.517",
|
|
"lastModified": "2022-03-25T17:22:38.420",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests to it."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El recurso ForgotLoginDetails en Atlassian Jira en versiones anteriores a la 7.6.6, desde la versi\u00f3n 7.7.0 hasta la 7.7.4, desde la versi\u00f3n 7.8.0 hasta la 7.8.4 y desde la versi\u00f3n 7.9.0 hasta la 7.9.2 permite que atacantes remotos realicen un ataque de denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de peticiones al mismo."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "7.6.6",
|
|
"matchCriteriaId": "EF1A112D-4024-4205-900D-BBFFABF01C7B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.7.0",
|
|
"versionEndExcluding": "7.7.4",
|
|
"matchCriteriaId": "A38A1E0B-95D0-409F-AE3C-A5725F4605FA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.8.0",
|
|
"versionEndExcluding": "7.8.4",
|
|
"matchCriteriaId": "1EC68826-9A37-4903-A349-407510635825"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.9.0",
|
|
"versionEndExcluding": "7.9.2",
|
|
"matchCriteriaId": "3C219C9D-07EB-41ED-AE45-E18A366CA4FF"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/104205",
|
|
"source": "security@atlassian.com",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://jira.atlassian.com/browse/JRASERVER-67290",
|
|
"source": "security@atlassian.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |