Lucene search

Ubuntu.comUB:CVE-2019-6793

HistorySep 09, 2019 - 12:00 a.m.

CVE-2019-6793

2019-09-0900:00:00

ubuntu.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

EPSS

0.042

Percentile

92.4%

JSON

An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x
before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is
vulnerable to an unauthenticated blind SSRF issue.

Notes

Author	Note
msalvatore	Affects GitLab EE

References

about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/

launchpad.net/bugs/cve/CVE-2019-6793

nvd.nist.gov/vuln/detail/CVE-2019-6793

security-tracker.debian.org/tracker/CVE-2019-6793

www.cve.org/CVERecord?id=CVE-2019-6793

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

EPSS

0.042

Percentile

92.4%

JSON

Related for UB:CVE-2019-6793