Lucene search
K

7 matches found

Symantec
Symantec
added 2019/12/13 12:0 a.m.73 views

Atlassian FishEye and Crucible CVE-2019-15009 Unauthorized Access Vulnerability

Description Atlassian FishEye and Crucible are prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. Versions prior to FishEye and Crucible 4.8.0 are vulnerable. Technologies...

1.2AI score0.00732EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2019/12/11 2:41 p.m.19 views

CVE-2019-15009

The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability...

4.6AI score0.00732EPSS
Exploits0References2
CVE
CVE
added 2019/12/11 2:41 p.m.54 views

CVE-2019-15009

The CVE-2019-15009 issue affects Atlassian Fisheye and Crucible before version 4.8.0. The vulnerability is an improper authorization flaw in the /json/profile/removeStarAjax.do resource, which allowed remote attackers to remove another user’s favourite setting for a project. Affected components i...

4.3CVSS4.5AI score0.00732EPSS
Exploits0References2Affected Software2
Atlassian
Atlassian
added 2019/12/10 2:38 a.m.32 views

Improper authorization vulnerability in the /json/profile/removeStarAjax.do resource - CVE-2019-15009

The /json/profile/removeStarAjax.do resource in Atlassian Fisheye before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability...

4.3CVSS6.2AI score0.00732EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/12/10 2:38 a.m.33 views

Improper authorization vulnerability in the /json/profile/removeStarAjax.do resource - CVE-2019-15009

The /json/profile/removeStarAjax.do resource in Atlassian Fisheye before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability...

4.3CVSS6.2AI score0.00732EPSS
Exploits0
Atlassian
Atlassian
added 2019/12/10 2:35 a.m.30 views

Improper authorization vulnerability in the /json/profile/removeStarAjax.do resource - CVE-2019-15009

The /json/profile/removeStarAjax.do resource in Atlassian Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability...

4.3CVSS6.3AI score0.00732EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/12/10 2:35 a.m.27 views

Improper authorization vulnerability in the /json/profile/removeStarAjax.do resource - CVE-2019-15009

The /json/profile/removeStarAjax.do resource in Atlassian Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability...

4.3CVSS6.3AI score0.00732EPSS
Exploits0
Rows per page
Query Builder