Lucene search
Security-metrics-botATLASSIAN:CRUC-8496HistoryOct 28, 2020 - 5:50 p.m.
Local file disclosure / path traversal within WEB-INF in Crucible - CVE-2020-29446
2020-10-2817:50:46
security-metrics-bot
jira.atlassian.com
9
0.002 Low
EPSS
Percentile
61.5%
Affected versions of Atlassian Dev Tools allow remote attackers
to browse local files via an Insecure Direct Object References (IDOR) vulnerability in WEB-INF in Fisheye/Crucible.
The affected versions are before version 4.8.5.
Affected versions:
- version < 4.8.5
Fixed versions:
- 4.8.5
- 4.9.0
Related
cve
cve
CVE-2020-29446
2021-01-18 02:15:13
CVE-2021-43957
2022-03-16 01:15:07
atlassian
atlassian
prion
prion
Spoofing
2021-01-18 02:15:00
Directory traversal
2022-03-16 01:15:00
nvd
nvd
CVE-2020-29446
2021-01-18 02:15:13
CVE-2021-43957
2022-03-16 01:15:07
cvelist
cvelist
CVE-2020-29446
2020-12-10 00:00:00
CVE-2021-43957
2022-03-14 00:00:00