2018-02-19 15:29:00 2019-10-10 01:25:49

The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5.x) and before 4.6.0 allows remote attackers to comment on snippets they do not have authorization to access via an improper authorization vulnerability.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
Atlassian Crucible 3.5.0 (not an official CPE) Atlassian Crucible 3.4.7 (not an official CPE) Atlassian Crucible 3.4.5 (not an official CPE) Atlassian Crucible 3.4.6 (not an official CPE) Atlassian Crucible 3.4.4 (not an official CPE) Atlassian Crucible 3.4.3 (not an official CPE) Atlassian Crucible 3.4.2 (not an official CPE) Atlassian Crucible 3.4.1 (not an official CPE) Atlassian Crucible 3.4.0 (not an official CPE) Atlassian Crucible 3.3.4 (not an official CPE) Atlassian Crucible 3.3.3 (not an official CPE) Atlassian Crucible 3.3.2 (not an official CPE) Atlassian Crucible 3.3.1 (not an official CPE) Atlassian Crucible 3.3.0 (not an official CPE) Atlassian Crucible 3.2.5 (not an official CPE) Atlassian Crucible 3.2.4 (not an official CPE) Atlassian Crucible 3.2.3 (not an official CPE) Atlassian Crucible 3.2.2 (not an official CPE) Atlassian Crucible 3.2.0 (not an official CPE) Atlassian Crucible 3.2.1 (not an official CPE) Atlassian Crucible 3.1.7 (not an official CPE) Atlassian Crucible 3.1.6 (not an official CPE) Atlassian Crucible 3.1.5 (not an official CPE) Atlassian Crucible 3.1.4 (not an official CPE) Atlassian Crucible 3.1.3 (not an official CPE) Atlassian Crucible 3.1.2 (not an official CPE) Atlassian Crucible 3.1.1 (not an official CPE) Atlassian Crucible 3.1.0 (not an official CPE) Atlassian Crucible 3.0.4 (not an official CPE) Atlassian Crucible 3.0.3 (not an official CPE) Atlassian Crucible 3.0.2 (not an official CPE) Atlassian Crucible 3.0.1 (not an official CPE) Atlassian Crucible 3.0.0 (not an official CPE) Atlassian Crucible 2.10.8 (not an official CPE) Atlassian Crucible 2.10.7 (not an official CPE) Atlassian Crucible 2.10.6 (not an official CPE) Atlassian Crucible 2.10.4 (not an official CPE) Atlassian Crucible 2.10.3 (not an official CPE) Atlassian Crucible 2.10.2 (not an official CPE) Atlassian Crucible 2.10.1 (not an official CPE) Atlassian Crucible 2.10.0 (not an official CPE) Atlassian Crucible 2.9.2 (not an official CPE) Atlassian Crucible 2.9.1 (not an official CPE) Atlassian Crucible 2.9.0 (not an official CPE) Atlassian Crucible 2.8.2 (not an official CPE) Atlassian Crucible 2.8.1 (not an official CPE) Atlassian Crucible 2.8.0 (not an official CPE) Atlassian Crucible 2.7.15 (not an official CPE) Atlassian Crucible 2.7.14 (not an official CPE) Atlassian Crucible 2.7.13 (not an official CPE) Atlassian Crucible 2.7.12 Atlassian Crucible 2.7.11 Atlassian Crucible 2.7.10 Atlassian Crucible 2.7.9 Atlassian Crucible 2.7.8 Atlassian Crucible 2.7.7 Atlassian Crucible 2.7.6 Atlassian Crucible 2.7.5 Atlassian Crucible 2.7.4 Atlassian Crucible 2.7.3 Atlassian Crucible 2.7.2 Atlassian Crucible 2.7.1 Atlassian Crucible 2.7.0 Atlassian Crucible 2.6.7 Atlassian Crucible 2.6.6 Atlassian Crucible 2.6.5 Atlassian Crucible 2.6.4 Atlassian Crucible 2.6.3 Atlassian Crucible 2.6.2 Atlassian Crucible 2.6.1 Atlassian Crucible 2.6.0 Atlassian Crucible 2.5.7 Atlassian Crucible 2.5.6 Atlassian Crucible 2.5.5 Atlassian Crucible 2.5.4 Atlassian Crucible 2.5.3 Atlassian Crucible 2.5.2 Atlassian Crucible 2.5.1 Atlassian Crucible 2.5.0 Atlassian Crucible 2.4.6 Atlassian Crucible 2.4.5 Atlassian Crucible 3.5.1 (not an official CPE) Atlassian Crucible 2.4.4 Atlassian Crucible 2.4.3 Atlassian Crucible 2.4.2 Atlassian Crucible 2.4.1 Atlassian Crucible 2.4.0 Atlassian Crucible 2.3.8 Atlassian Crucible 2.3.7 Atlassian Crucible 2.3.6 Atlassian Crucible 2.3.5 Atlassian Crucible 2.3.4 Atlassian Crucible 2.3.3 Atlassian Crucible 2.3.2 Atlassian Crucible 2.3.1 Atlassian Crucible 2.3.0 Atlassian Crucible 2.2.3 Atlassian Crucible 2.2.1 Atlassian Crucible 2.2.0 Atlassian Crucible 2.1.4 Atlassian Crucible 2.1.3 Atlassian Crucible 2.1.2 Atlassian Crucible 2.1.1 Atlassian Crucible 2.1.0 Atlassian Crucible 2.0.6 Atlassian Crucible 2.0.5 Atlassian Crucible 2.0.4 Atlassian Crucible 2.0.3 Atlassian Crucible 2.0.2 Atlassian Crucible 2.0.1 Atlassian Crucible 2.0 beta3 Atlassian Crucible 2.0.6 beta2 Atlassian Crucible 2.0 - (not an official CPE) Atlassian Crucible 2.0 Atlassian Crucible 1.6.6 Atlassian Crucible 1.6.5.a Atlassian Crucible 1.6.4 Atlassian Crucible 1.6.3 Atlassian Crucible 1.6.2.1 Atlassian Crucible 1.6.2 Atlassian Crucible 1.6.1 Atlassian Crucible 1.6.0 Atlassian Crucible 1.5.4 Atlassian Crucible 1.5.3 Atlassian Crucible 1.5.2 Atlassian Crucible 1.5.1 Atlassian Crucible 1.5.0 Atlassian Crucible 1.2.3 Atlassian Crucible 1.2.2 Atlassian Crucible 1.2.1 Atlassian Crucible 1.2 Atlassian Crucible 1.1.4 Atlassian Crucible 1.1.3 Atlassian Crucible 1.1.2 Atlassian Crucible 1.1.1 Atlassian Crucible 1.1 Atlassian Crucible 3.5.2 (not an official CPE) Atlassian Crucible 3.5.3 (not an official CPE) Atlassian Crucible 3.5.4 (not an official CPE) Atlassian Crucible 3.5.5 (not an official CPE) Atlassian Crucible 3.6.0 (not an official CPE) Atlassian Crucible 3.6.1 (not an official CPE) Atlassian Crucible 3.6.2 (not an official CPE) Atlassian Crucible 3.6.3 (not an official CPE) Atlassian Crucible 3.6.4 (not an official CPE) Atlassian Crucible 3.7.0 (not an official CPE) Atlassian Crucible 3.7.1 (not an official CPE) Atlassian Crucible 3.8.0 (not an official CPE) Atlassian Crucible 3.8.1 (not an official CPE) Atlassian Crucible 3.9.0 (not an official CPE) Atlassian Crucible 3.9.1 (not an official CPE) Atlassian Crucible 3.9.2 (not an official CPE) Atlassian Crucible 3.10.0 (not an official CPE) Atlassian Crucible 3.10.1 (not an official CPE) Atlassian Crucible 3.10.2 (not an official CPE) Atlassian Crucible 3.10.3 (not an official CPE) Atlassian Crucible 3.10.4 (not an official CPE) Atlassian Crucible 4.0.0 (not an official CPE) Atlassian Crucible 4.0.1 (not an official CPE) Atlassian Crucible 4.0.2 (not an official CPE) Atlassian Crucible 4.0.3 (not an official CPE) Atlassian Crucible 4.0.4 (not an official CPE) Atlassian Crucible 4.1.0 (not an official CPE) Atlassian Crucible 4.1.1 (not an official CPE) Atlassian Crucible 4.1.2 (not an official CPE) Atlassian Crucible 4.1.3 (not an official CPE) Atlassian Crucible 4.2.0 (not an official CPE) Atlassian Crucible 4.2.1 (not an official CPE) Atlassian Crucible 4.2.2 (not an official CPE) Atlassian Crucible 4.2.3 (not an official CPE) Atlassian Crucible 4.3.0 (not an official CPE) Atlassian Crucible 4.3.1 (not an official CPE) Atlassian Crucible 4.3.2 (not an official CPE) Atlassian Crucible 4.3.3 (not an official CPE) Atlassian Crucible 4.4.0 (not an official CPE) Atlassian Crucible 4.4.1 (not an official CPE) Atlassian Crucible 4.4.2 (not an official CPE) Atlassian Crucible 4.4.3 (not an official CPE) Atlassian Crucible 4.4.4 (not an official CPE) Atlassian Crucible 4.4.5 (not an official CPE) Atlassian Crucible 4.4.6 (not an official CPE) Atlassian Crucible 4.4.7 (not an official CPE) Atlassian Crucible 4.5.0 (not an official CPE)
Advisory Patch Confirmed Link
103207
https://jira.atlassian.com/browse/CRUC-8178