exploitDog

GHSA-4cmr-5c3c-82qg

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection.

The administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection.

Ссылки

EPSS

Процентиль: 81%

0.01536

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2017-18108

CVSS3: 7.2

nvd

почти 7 лет назад

The administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection.

EPSS

Процентиль: 81%

0.01536

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-94