CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
73.8%
The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote authenticated users to cause a denial of service (resource consumption) via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
tm_software | tempo | * | cpe:2.3:a:tm_software:tempo:*:*:*:*:*:*:*:* |
tm_software | tempo | 2.2 | cpe:2.3:a:tm_software:tempo:2.2:*:*:*:*:*:*:* |
tm_software | tempo | 2.3 | cpe:2.3:a:tm_software:tempo:2.3:*:*:*:*:*:*:* |
tm_software | tempo | 2.3.1 | cpe:2.3:a:tm_software:tempo:2.3.1:*:*:*:*:*:*:* |
tm_software | tempo | 2.4.1 | cpe:2.3:a:tm_software:tempo:2.4.1:*:*:*:*:*:*:* |
tm_software | tempo | 2.5.1 | cpe:2.3:a:tm_software:tempo:2.5.1:*:*:*:*:*:*:* |
tm_software | tempo | 2.6.1 | cpe:2.3:a:tm_software:tempo:2.6.1:*:*:*:*:*:*:* |
tm_software | tempo | 2.7.1 | cpe:2.3:a:tm_software:tempo:2.7.1:*:*:*:*:*:*:* |
tm_software | tempo | 2.8.1 | cpe:2.3:a:tm_software:tempo:2.8.1:*:*:*:*:*:*:* |
tm_software | tempo | 4.0 | cpe:2.3:a:tm_software:tempo:4.0:*:*:*:*:*:*:* |