admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-181xx/CVE-2017-18101.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

151 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-18101",
"sourceIdentifier": "security@atlassian.com",
"published": "2018-04-10T13:29:00.383",
"lastModified": "2024-11-21T03:19:21.673",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks."
},
{
"lang": "es",
"value": "Varos recursos administrativos de importaci\u00f3n de sistema externo en Atlassian JIRA Server (incluyendo JIRA Core), en versiones anteriores a la 7.6.5, de la versi\u00f3n 7.7.0 antes de la 7.7.3, de la versi\u00f3n 7.8.0 anterior a la 7.8.3 y antes de la versi\u00f3n 7.9.0, permite que atacantes remotos ejecuten operaciones de importaci\u00f3n y determinen si existe un servicio interno a trav\u00e9s de la falta de comprobaci\u00f3n de permisos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"baseScore": 6.4,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "security@atlassian.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.6.5",
"matchCriteriaId": "3517B751-F490-40D0-9612-F64511DA1D81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.7.0",
"versionEndExcluding": "7.7.3",
"matchCriteriaId": "D0281160-9946-46A0-A6FC-B63971CFDEA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndExcluding": "7.8.3",
"matchCriteriaId": "DBBB1C9A-EB14-4C67-8077-D97CEE12525F"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/103730",
"source": "security@atlassian.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://jira.atlassian.com/browse/JRASERVER-67107",
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/103730",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://jira.atlassian.com/browse/JRASERVER-67107",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink