CVE-2021-43955

2022-03-1400:00:00

atlassian

www.cve.org

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.5%

JSON

The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed authenticated remote attackers to obtain information about installation directories via information disclosure vulnerability.

CNA Affected

[
  {
    "product": "Fisheye",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "4.8.9",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Crucible",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "4.8.9",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]