Lucene search

[email protected]CVE-2007-6619

HistoryJan 03, 2008 - 11:46 p.m.

CVE-2007-6619

2008-01-0323:46:00

CWE-264

[email protected]

web.nvd.nist.gov

atlassian

jira

enterprise edition

cve-2007-6619

setup wizard

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.2%

JSON

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language.

Affected configurations

NVD

Node

atlassianjiraRange≤3.12enterprise

CPENameOperatorVersion
atlassian:jiraatlassian jirale3.12

CPE	Name	Operator	Version
atlassian:jira	atlassian jira	le	3.12

References

confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2007-12-24

osvdb.org/42770

secunia.com/advisories/27954

www.securityfocus.com/bid/27095

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.2%

JSON

Related for CVE-2007-6619

prion1 cvelist1 nvd1 nessus2