Atlassian Fisheye and Crucible Information Disclosure Vulnerability

2022-03-1700:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

35.5%

JSON

Atlassian Fisheye is a source code deep viewer and Atlassian Crucible is a code review tool.Atlassian Fisheye and Crucible are vulnerable due to an information disclosure flaw in the /rest-service-fecru/server-v1 resource. resource. An attacker could exploit this vulnerability to obtain sensitive information from the installation directory.

CPENameOperatorVersion
atlassian cruciblelt4.8.9
atlassian fisheyelt4.8.9

CPE	Name	Operator	Version
	atlassian crucible	lt	4.8.9
	atlassian fisheye	lt	4.8.9

0.001 Low

EPSS

Percentile

35.5%

JSON

Related for CNVD-2022-61831