CVSS: 8.8EPSS: 0%CPEs: 42EXPL: 0CVE-2022-26137
https://notcve.org/view.php?id=CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim’s permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. • https://jira.atlassian.com/browse/BAM-21795 https://jira.atlassian.com/browse/BSERV-13370 https://jira.atlassian.com/browse/CONFSERVER-79476 https://jira.atlassian.com/browse/CRUC-8541 https://jira.atlassian.com/browse/CWD-5815 https://jira.atlassian.com/browse/FE-7410 https://jira.atlassian.com/browse/JRASERVER-73897 https://jira.atlassian.com/browse/JSDSERVER-11863 • CWE-180: Incorrect Behavior Order: Validate Before Canonicalize CWE-346: Origin Validation Error •
CVSS: 9.8EPSS: 0%CPEs: 42EXPL: 0CVE-2022-26136
https://notcve.org/view.php?id=CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in authentication bypass and cross-site scripting. Atlassian has released updates that fix the root cause of this vulnerability, but has not exhaustively enumerated all potential consequences of this vulnerability. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. • https://jira.atlassian.com/browse/BAM-21795 https://jira.atlassian.com/browse/BSERV-13370 https://jira.atlassian.com/browse/CONFSERVER-79476 https://jira.atlassian.com/browse/CRUC-8541 https://jira.atlassian.com/browse/CWD-5815 https://jira.atlassian.com/browse/FE-7410 https://jira.atlassian.com/browse/JRASERVER-73897 https://jira.atlassian.com/browse/JSDSERVER-11863 • CWE-180: Incorrect Behavior Order: Validate Before Canonicalize CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43958
https://notcve.org/view.php?id=CVE-2021-43958
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials for authentication via a improper restriction of excess authentication attempts vulnerability. Varios recursos de reposo en Fisheye y Crucible versiones anteriores a 4.8.9 permitían a atacantes remotos forzar las credenciales de inicio de sesión de usuarios, ya que los recursos de reposo no comprobaban si los usuarios estaban más allá de sus límites máximos de inicio de sesión fallido y, por lo tanto, requerían resolver un CAPTCHA además de proporcionar las credenciales de usuario para la autenticación por medio de una vulnerabilidad de restricción inapropiada del exceso de intentos de autenticación • https://jira.atlassian.com/browse/CRUC-8523 https://jira.atlassian.com/browse/FE-7387 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43957
https://notcve.org/view.php?id=CVE-2021-43957
Affected versions of Atlassian Fisheye & Crucible allowed remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory and bypass the fix for CVE-2020-29446 due to a lack of url decoding. The affected versions are before version 4.8.9. Las versiones afectadas de Atlassian Fisheye y Crucible permitían a atacantes remotos navegar por archivos locales por medio de una vulnerabilidad de Insecure Direct Object References (IDOR) en el directorio WEB-INF y omitir la corrección de CVE-2020-29446 debido a una falta de decodificación de url. Las versiones afectadas son anteriores a la versión 4.8.9 • https://jira.atlassian.com/browse/CRUC-8524 https://jira.atlassian.com/browse/FE-7388 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43956
https://notcve.org/view.php?id=CVE-2021-43956
The jQuery deserialize library in Fisheye and Crucible before version 4.8.9 allowed remote attackers to to inject arbitrary HTML and/or JavaScript via a prototype pollution vulnerability. La biblioteca jQuery deserialize en Fisheye y Crucible versiones anteriores a 4.8.9, permitía a atacantes remotos inyectar HTML y/o JavaScript arbitrario por medio de una vulnerabilidad de contaminación de prototipos • https://jira.atlassian.com/browse/CRUC-8531 https://jira.atlassian.com/browse/FE-7395 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •