5 matches found
CVE-2021-43958
creationtimestamp| type| source ---|---|--- 2022-03-16 06:20:04+00:00| seen| https://t.me/cibsecurity/39011...
CVE-2021-43958
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials...
CVE-2021-43958
CVE-2021-43958 affects Atlassian Fisheye and Crucible, where REST resources permitted brute-force authentication due to not enforcing maximum failed login limits and CAPTCHA. Versions affected: all prior to 4.8.9. Fixed in 4.8.9. Impact is user authentication bypass via excessive login attempts; ...
CVE-2021-43958: Various rest resources missing CAPTCHA for failed user login attempts
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials...
CVE-2021-43958: Various rest resources missing CAPTCHA for failed user login attempts
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials...