EUVD-2017-6086

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Server Side Request Forgery vulnerability in Hipchat allows remote code execution for admins.

Reporter	Title	Published	Views	Family All 6
0day.today	Hipchat Data Center / Hipchat Server Code Execution / SSRF Vulnerabilities	30 Nov 201700:00	–	zdt
CNVD	Atlassian Hipchat Server and Hipchat Data Center Remote Code Execution Vulnerability	30 Nov 201700:00	–	cnvd
CVE	CVE-2017-14585	27 Nov 201716:00	–	cve
Cvelist	CVE-2017-14585	27 Nov 201716:00	–	cvelist
NVD	CVE-2017-14585	27 Nov 201716:29	–	nvd
Prion	Server side request forgery (ssrf)	27 Nov 201716:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "2c17c7ed-ce14-38d0-8244-496c2c442d59",
        "vendor": {
          "name": "Atlassian"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "13be4578-99bb-364e-9af6-634067b9fdbc",
        "product": {
          "name": "Hipchat Data Center"
        },
        "product_version": "3.0.0 ≤ version < 3.1.0"
      },
      {
        "id": "2a9efee5-3857-3e0a-88a5-8cd3129d859b",
        "product": {
          "name": "Hipchat Server"
        },
        "product_version": "2.2.0 ≤ version < 4.3"
      }
    ]
  }
]

Source	Link
jira	www.jira.atlassian.com/browse/HCPUB-3526
securityfocus	www.securityfocus.com/bid/101945
confluence	www.confluence.atlassian.com/hc/hipchat-server-security-advisory-2017-11-22-939946293.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7High risk

Vulners AI Score7

CVSS 37.2

CVSS 29

EPSS0.01753