CVE-2007-6619

Опубликовано: 03 янв. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language.

Ссылки

http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2007-12-24
Patch
http://osvdb.org/42770
http://secunia.com/advisories/27954
Patch
Vendor Advisory
http://www.securityfocus.com/bid/27095
http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2007-12-24
Patch
http://osvdb.org/42770
http://secunia.com/advisories/27954
Patch
Vendor Advisory
http://www.securityfocus.com/bid/27095

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:atlassian:jira:*:*:enterprise:*:*:*:*:*

Версия до 3.12 (включая)

EPSS

Процентиль: 68%

0.00585

Низкий

7.5 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-qc68-5gff-qw5c

github

около 3 лет назад