Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-6668

Опубликовано: 23 янв. 2017
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for communicating with HipChat instances by reading unspecified pages.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:atlassian:confluence_server:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.1:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.2:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.3:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.4:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.5:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.6:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.7:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.8:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.9:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.10:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.11:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.9.12:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.10.0:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.10.1:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.10.2:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:confluence_server:5.10.3:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.26.0:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.26.10:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.29.1:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.29.2:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.31.0:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.3.2:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.3.3:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.8.1:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.8.3:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.8.12:*:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01318
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-cpw5-xffh-q7hh

CVSS3: 7.5
github
около 3 лет назад

The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for communicating with HipChat instances by reading unspecified pages.

EPSS

Процентиль: 79%
0.01318
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200