CVE-2017-18096

Severity Score

7.2

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SSRF) by creating an OAuth application link to a location they control and then redirecting access from the linked location's OAuth status rest resource to an internal location. When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access credentials and other potentially confidential information.

El recurso rest de estado OAuth en Atlassian Application Links, en versiones anteriores a la 5.2.7, desde la versión 5.3.0 y anterior a la 5.3.4 y desde la versión 5.4.0 anterior a la 5.4.3, permite que atacantes remotos con derechos administrativos accedan al contenido de recursos internos de red mediante SSRF (Server-Side Request Forgery) creando un enlace de aplicación OAuth a una ubicación que controlan y después redirigiendo el acceso desde el recurso rest de estado OAuth de la ubicación enlazada a una ubicación interna. Cuando se ejecuta en un entorno como Amazon EC2, este error puede emplearse para acceder a un recurso de metadatos que proporciona credenciales de acceso y otro tipo de información potencialmente confidencial.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-02-01 CVE Reserved
2018-04-04 CVE Published
2024-05-30 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-918: Server-Side Request Forgery (SSRF)

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://ecosystem.atlassian.net/browse/APL-1359	2018-05-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Atlassian Search vendor "Atlassian"		Application Links Search vendor "Atlassian" for product "Application Links"				< 5.2.7 Search vendor "Atlassian" for product "Application Links" and version " < 5.2.7"		-		Affected
Atlassian Search vendor "Atlassian"		Application Links Search vendor "Atlassian" for product "Application Links"				>= 5.3.0 < 5.3.4 Search vendor "Atlassian" for product "Application Links" and version " >= 5.3.0 < 5.3.4"		-		Affected
Atlassian Search vendor "Atlassian"		Application Links Search vendor "Atlassian" for product "Application Links"				>= 5.4.0 < 5.4.3 Search vendor "Atlassian" for product "Application Links" and version " >= 5.4.0 < 5.4.3"		-		Affected