Lucene search
K

6 matches found

OSV
OSV
added 2018/02/02 2:29 p.m.4 views

CVE-2017-18035

The /rest/review-coverage-chart/1.0/data//.json resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 was missing a permissions check, this allows remote attackers who do not have access to a particular repository to determine its existence and access review coverage statistic...

4.3CVSS5.8AI score0.00803EPSS
Exploits0References2
CVE
CVE
added 2018/02/02 2:0 p.m.59 views

CVE-2017-18035

CVE-2017-18035 affects Atlassian Fisheye and Crucible. The issue is a missing permissions check in the REST endpoint /rest/review-coverage-chart/1.0/data//.json, which could let remote attackers who lack repository access determine the repository’s existence and view review-coverage statistics fo...

4.3CVSS4.6AI score0.00803EPSS
Exploits0References2Affected Software1
Atlassian
Atlassian
added 2018/01/18 10:54 a.m.88 views

Missing permission check in review coverage REST endpoint - CVE-2017-18035

The /rest/review-coverage-chart/1.0/data//.json resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 was missing a permissions check, this allows remote attackers who do not have access to a particular repository to determine its existence and access review coverage statistic...

4.3CVSS5.3AI score0.00803EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2018/01/18 10:54 a.m.29 views

Missing permission check in review coverage REST endpoint - CVE-2017-18035

The /rest/review-coverage-chart/1.0/data//.json resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 was missing a permissions check, this allows remote attackers who do not have access to a particular repository to determine its existence and access review coverage statistic...

4.3CVSS5.1AI score0.00803EPSS
Exploits0
Atlassian
Atlassian
added 2018/01/18 10:44 a.m.33 views

Missing permission check in review coverage REST endpoint - CVE-2017-18035

The /rest/review-coverage-chart/1.0/data//.json resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 was missing a permissions check, this allows remote attackers who do not have access to a particular repository to determine its existence and access review coverage statistic...

4.3CVSS5.3AI score0.00803EPSS
Exploits0
Atlassian
Atlassian
added 2018/01/18 10:44 a.m.77 views

Missing permission check in review coverage REST endpoint - CVE-2017-18035

The /rest/review-coverage-chart/1.0/data//.json resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 was missing a permissions check, this allows remote attackers who do not have access to a particular repository to determine its existence and access review coverage statistic...

4.3CVSS5.3AI score0.00803EPSS
Exploits0Affected Software1
Rows per page
Query Builder