Atlassian Crowd < 3.6.0 Improper Authorization Via ATST Plugin

According to its self-reported version number, the Atlassian Crowd application running on the remote host is prior to version 3.6.0. It is, therefore, shipped with a vulnerable version of the Atlassian Troubleshooting and Support plugin ATST, which permitted unprivileged users to initialte log...

CVE-2019-15005

The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the...

CVE-2019-15005

The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the...

CVE-2019-15005

The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the...

Improper Authorization in Bambooo through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Bamboo before version 6.10.2, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email...

Improper Authorization in Fisheye & Crucible through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Fisheye & Crucible before version 4.7.2, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. Th...

Improper Authorization in Fisheye & Crucible through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Fisheye & Crucible before version 4.7.2, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. Th...

Improper Authorization in Crowd through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Crowd & Crowd Data Center before version 3.6.0, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization...

Improper Authorization in Jira Server through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Jira Server & Jira Data Center before version 8.3.2, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorizati...

Improper Authorization in Bitbucket Server through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Bitbucket Server & Bitbucket Data Center before version 6.6.0, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing...

Improper Authorization in Bitbucket Server through ATST Plugin - CVE-2019-15005

The Atlassian Troubleshooting and Support Tools ATST plugin prior to version 1.17.2 which was used in Bitbucket Server & Bitbucket Data Center before version 6.6.0, allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing...