cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-22521,https://securityvulnerability.io/vulnerability/CVE-2023-22521,Remote Code Execution Vulnerability in Crowd Data Center and Server by Atlassian,"A Remote Code Execution vulnerability was identified in Crowd Data Center and Server, affecting versions from 3.4.6 onward. An authenticated attacker can exploit it to execute arbitrary code, jeopardizing the confidentiality, integrity, and availability of affected systems. The exploit requires no user interaction, which heightens its potential impact. Users are urged to upgrade to a fixed version: 5.1.6 or later on the 5.1 line, or 5.2.1 or later on the 5.2 line. Detailed release notes and downloads are available on Atlassian’s official pages.",Atlassian,"Crowd Data Center,Crowd Server",8.8,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2023-11-21T18:15:00.000Z,0
CVE-2022-43782,https://securityvulnerability.io/vulnerability/CVE-2022-43782,Security Misconfiguration Vulnerability in Atlassian Crowd,"A security misconfiguration in Atlassian Crowd allows an attacker to authenticate as the crowd application itself and then invoke privileged endpoints in Crowd's REST API under the {{usermanagement}} path. Exploitation is only possible from IP addresses listed in the crowd application's Remote Address allowlist; that list is empty by default, so an instance becomes exposed once addresses (or broad ranges) are added to it. Affected versions are all 3.x.x versions, 4.x.x before 4.4.4, and 5.x.x before 5.0.3.",Atlassian,"Crowd Data Center,Crowd Server",9.8,CRITICAL,0.0013099999632686377,false,,false,false,false,,,false,false,,2022-11-17T00:00:01.315Z,0
CVE-2022-26137,https://securityvulnerability.io/vulnerability/CVE-2022-26137,CORS Bypass Vulnerability in Atlassian Products,"A vulnerability in multiple Atlassian products lets a remote attacker bypass Cross-origin resource sharing (CORS) restrictions by sending specially crafted HTTP requests. An attacker who tricks a user into visiting a malicious URL can then access the vulnerable application with that user's permissions. Affected versions of Bamboo, Bitbucket, Confluence, Crowd, Fisheye, Crucible, Jira, and Jira Service Management must be updated to mitigate this risk.",Atlassian,"Bamboo Server,Bamboo Data Center,Bitbucket Server,Bitbucket Data Center,Confluence Server,Confluence Data Center,Crowd Server,Crowd Data Center,Crucible,Fisheye,Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",8.8,HIGH,0.003659999929368496,false,,false,false,false,,,false,false,,2022-07-20T00:00:00.000Z,0
CVE-2022-26136,https://securityvulnerability.io/vulnerability/CVE-2022-26136,Remote Authentication Bypass Vulnerability in Atlassian Products,"A vulnerability affecting various Atlassian products allows an unauthenticated remote attacker to bypass Servlet Filters used by first- and third-party applications. The impact depends on which filters an application relies on; confirmed consequences include authentication bypass and cross-site scripting (XSS). Atlassian has released updates that address the root cause, and because the impact varies with each application's filters, applying the latest security updates is the only complete mitigation.",Atlassian,"Bamboo Server,Bamboo Data Center,Bitbucket Server,Bitbucket Data Center,Confluence Server,Confluence Data Center,Crowd Server,Crowd Data Center,Crucible,Fisheye,Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",9.8,CRITICAL,0.008580000139772892,false,,false,false,false,,,false,false,,2022-07-20T00:00:00.000Z,0
CVE-2020-36240,https://securityvulnerability.io/vulnerability/CVE-2020-36240,Unauthenticated File Access in Atlassian Crowd,"The ResourceDownloadRewriteRule class in Atlassian Crowd has an improper access control flaw that allows unauthenticated remote attackers to read sensitive files inside the WEB-INF and META-INF directories. Affected versions are those before 4.0.4 and from 4.1.0 before 4.1.2. Users should keep their systems on the latest security patches to avoid unauthorized data exposure.",Atlassian,Crowd,5.3,MEDIUM,0.0018899999558925629,false,,false,false,false,,,false,false,,2021-03-01T17:15:00.000Z,0
CVE-2019-20902,https://securityvulnerability.io/vulnerability/CVE-2019-20902,Security Flaw in Crowd Affects User Management for OpenLDAP,"Upgrading Atlassian Crowd via XML Data Transfer can inadvertently reactivate a user that had been disabled in OpenLDAP. This flaw affects versions of Crowd before 3.4.6 and from 3.5.0 before 3.5.1. Organizations on affected versions risk unauthorized access by accounts they believed were disabled, so they should update to a fixed version to keep user management sound.",Atlassian,Crowd,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2020-10-01T02:15:00.000Z,0
CVE-2019-20104,https://securityvulnerability.io/vulnerability/CVE-2019-20104,Denial of Service Vulnerability in Atlassian Crowd OpenID Client,"The OpenID client application in Atlassian Crowd before version 3.6.2 and from 3.7.0 before 3.7.1 is susceptible to a Denial of Service attack through an XML Entity Expansion vulnerability. Remote attackers can exploit the flaw to disrupt the service and impair the application’s availability.",Atlassian,Crowd,7.5,HIGH,0.0019099999917671084,false,,false,false,false,,,false,false,,2020-02-06T03:15:00.000Z,0
CVE-2017-18107,https://securityvulnerability.io/vulnerability/CVE-2017-18107,Cross-Site Request Forgery Vulnerability in Atlassian Crowd Demo Application,"The Crowd Demo application of Atlassian Crowd before version 3.1.1 is susceptible to Cross-Site Request Forgery (CSRF), allowing remote attackers to add, modify, or delete users and groups. The Demo application is not enabled by default, but where it has been activated the flaw puts user management and security integrity at risk.",Atlassian,Crowd,6.5,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2019-12-17T04:15:00.000Z,0
CVE-2019-15005,https://securityvulnerability.io/vulnerability/CVE-2019-15005,Authorization Bypass in Atlassian Troubleshooting and Support Tools Plugin,"The Atlassian Troubleshooting and Support Tools plugin before version 1.17.2 has an authorization bypass that lets unprivileged users initiate log scans and have the results, which include application configuration details, sent to a user-specified email address, exposing sensitive information about the application's setup and environment. Because the plugin ships with several Atlassian products, affected users should upgrade to mitigate the risk.",Atlassian,"Bitbucket Server,Jira Server,Confluence Server,Crowd,Fisheye,Crucible,Bamboo",4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-11-08T00:00:00.000Z,0
CVE-2019-11580,https://securityvulnerability.io/vulnerability/CVE-2019-11580,Remote Code Execution Vulnerability in Atlassian Crowd and Crowd Data Center,"Atlassian Crowd and Crowd Data Center shipped release builds with the pdkinstall development plugin incorrectly enabled. An attacker who can send unauthenticated or authenticated requests to a vulnerable instance can use it to install arbitrary plugins, which permits remote code execution on systems running an affected version. Users should upgrade to the fixed versions without delay.",Atlassian,Crowd,9.8,CRITICAL,0.9717299938201904,true,2021-11-03T00:00:00.000Z,false,false,true,2020-03-06T17:09:26.000Z,true,false,false,,2019-06-03T14:29:00.000Z,0
CVE-2017-18106,https://securityvulnerability.io/vulnerability/CVE-2017-18106,Session Token Identifier Collision in Atlassian Crowd,"Session token identifiers in Atlassian Crowd are susceptible to collision. An attacker who can authenticate to Crowd or to an application that uses it may manipulate their identifier_hash so that it collides with another user's, which could grant access to that user's session, expose sensitive information, and compromise the account.",Atlassian,Crowd,7.5,HIGH,0.001990000018849969,false,,false,false,false,,,false,false,,2019-03-29T14:29:00.000Z,0
CVE-2017-18110,https://securityvulnerability.io/vulnerability/CVE-2017-18110,XXE Vulnerability in Atlassian Crowd Affects File System Integrity,"The administration backup restore feature of Atlassian Crowd before version 3.0.2 and from 3.1.0 before 3.1.1 is susceptible to an XML External Entity (XXE) vulnerability, allowing remote attackers to read sensitive files from the underlying filesystem and expose confidential data. Users should update to a fixed version.",Atlassian,Crowd,6.5,MEDIUM,0.00171999994199723,false,,false,false,false,,,false,false,,2019-03-29T14:29:00.000Z,0
CVE-2017-18109,https://securityvulnerability.io/vulnerability/CVE-2017-18109,Open Redirect Vulnerability in Atlassian Crowd Login Resource,"The login resource in Atlassian Crowd before version 3.0.2 and from 3.1.0 before 3.1.1 is susceptible to an open redirect. Remote attackers can use it to send users to an external site of their choosing, which lends itself to phishing: a victim who follows what looks like a Crowd login link can be led to a fraudulent page and tricked into submitting credentials there.",Atlassian,Crowd,6.1,MEDIUM,0.001230000052601099,false,,false,false,false,,,false,false,,2019-03-29T14:29:00.000Z,0
CVE-2017-18108,https://securityvulnerability.io/vulnerability/CVE-2017-18108,Remote Code Execution Flaw in Atlassian Crowd Administration SMTP Configuration,"The administration SMTP configuration in Atlassian Crowd before version 2.10.2 is susceptible to remote code execution: an attacker with administration rights can execute arbitrary code via JNDI injection. Updating to a fixed version and tightly restricting administrative access are the mitigations.",Atlassian,Crowd,7.2,HIGH,0.001339999958872795,false,,false,false,false,,,false,false,,2019-03-29T14:29:00.000Z,0
CVE-2017-18105,https://securityvulnerability.io/vulnerability/CVE-2017-18105,Session Fixation Vulnerability in Atlassian Crowd Affected by Cookie Management Issues,"A session fixation vulnerability exists in Atlassian Crowd's handling of the JSESSIONID cookie. A remote attacker who can plant a known JSESSIONID value in a victim's browser before the victim authenticates can, because the application does not issue a fresh session identifier on login, then use that same session to reach internal and third-party REST resources as the victim, compromising sensitive data and user sessions. Robust session management, above all rotating the session identifier at authentication, is the defence.",Atlassian,Crowd,8.1,HIGH,0.003930000122636557,false,,false,false,false,,,false,false,,2019-03-29T14:29:00.000Z,0
CVE-2018-20238,https://securityvulnerability.io/vulnerability/CVE-2018-20238,,Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability.,Atlassian,Crowd,8.1,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2019-02-13T00:00:00.000Z,0
CVE-2016-10740,https://securityvulnerability.io/vulnerability/CVE-2016-10740,,Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to requests for these resources.,Atlassian,Crowd,4.9,MEDIUM,0.0017099999822676182,false,,false,false,false,,,false,false,,2019-01-29T02:29:00.000Z,0
CVE-2017-16858,https://securityvulnerability.io/vulnerability/CVE-2017-16858,,"The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 allowed an attacker to impersonate a Crowd user in REST requests by being able to authenticate to a directory bound to an application using the feature. Given the following situation: the Crowd application is bound to directory 1 and has a user called admin and the Google Apps application is bound to directory 2, which also has a user called admin, it was possible to authenticate REST requests using the credentials of the user coming from directory 2 and impersonate the user from directory 1.",Atlassian,Crowd,6.8,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2018-01-31T14:29:00.000Z,0
CVE-2016-6496,https://securityvulnerability.io/vulnerability/CVE-2016-6496,,"The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.",Atlassian,Crowd,9.8,CRITICAL,0.01319000031799078,false,,false,false,false,,,false,false,,2016-12-09T22:00:00.000Z,0
CVE-2013-3925,https://securityvulnerability.io/vulnerability/CVE-2013-3925,,"Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity declaration in conjunction with an entity reference.",Atlassian,Crowd,,,0.004569999873638153,false,,false,false,false,,,false,false,,2013-07-01T21:55:00.000Z,0
CVE-2013-3926,https://securityvulnerability.io/vulnerability/CVE-2013-3926,,"Atlassian Crowd 2.6.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to a ""symmetric backdoor."" NOTE: as of 20130704, the vendor could not reproduce the issue, stating ""We've been unable to substantiate the existence of [CVE-2013-3926]. The author of the article has not contacted Atlassian and has provided no detail, making it difficult to validate the claim... If we can confirm that there is a vulnerability, a patch will be issued.""",Atlassian,Crowd,,,0.010579999536275864,false,,false,false,false,,,false,false,,2013-07-01T21:00:00.000Z,0
CVE-2012-2926,https://securityvulnerability.io/vulnerability/CVE-2012-2926,,"Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before 2.1.2, 2.2 before 2.2.9, 2.3 before 2.3.7, and 2.4 before 2.4.1 do not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.",Atlassian,"Fisheye,Confluence,Jira,Crucible,Crowd,Bamboo,Confluence Server",9.1,CRITICAL,0.46397000551223755,false,,false,false,false,,,false,false,,2012-05-22T15:00:00.000Z,0
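The columns in the header above (score, severity, epss, cisa, exploited, poc, published) are exactly what a patch queue sorts on, and the export has quirks a consumer must survive: quoted descriptions that contain newlines, doubled quotes such as ""symmetric backdoor"", empty score and severity cells on the 2012/2013 records, and boolean cells that are empty rather than false. The following Python is an added example and not part of the securityvulnerability.io export or its tooling: it parses this 21-column format with the standard csv module, validates the row shape, and orders records so that CISA KEV entries such as CVE-2019-11580 come first, then observed exploitation, public PoC, EPSS, and only then CVSS. The embedded sample is a constructed cut-down of three of the rows above; the Record class, priority_key and explain helpers are this example's own names.

```python
"""Patch-queue triage for a securityvulnerability.io-style CVE export."""
import csv
import io
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: the export's real header plus three of its records cut
# down to short descriptions. It keeps the quirks a parser must survive: a
# newline inside a quoted description, a doubled quote ("") inside a quoted
# field, empty score/severity cells, and empty (rather than "false") booleans.
SAMPLE_CSV = (
    "cve,link,title,description,vendor,products,score,severity,epss,cisa,"
    "cisa_published,article,ransomware,exploited,exploited_date,poc,trended,"
    "trended_no_1,trended_no_1_date,published,trended_score\n"
    "CVE-2019-11580,https://securityvulnerability.io/vulnerability/CVE-2019-11580,"
    'RCE via pdkinstall plugin,"pdkinstall plugin enabled in release builds.",'
    "Atlassian,Crowd,9.8,CRITICAL,0.9717299938201904,true,2021-11-03T00:00:00.000Z,"
    "false,false,true,2020-03-06T17:09:26.000Z,true,false,false,,"
    "2019-06-03T14:29:00.000Z,0\n"
    "CVE-2022-43782,https://securityvulnerability.io/vulnerability/CVE-2022-43782,"
    'Security misconfiguration,"Authenticate as the crowd application.\n'
    'Affected: 3.x.x, 4.x.x before 4.4.4, 5.x.x before 5.0.3.",'
    'Atlassian,"Crowd Data Center,Crowd Server",9.8,CRITICAL,0.0013099999632686377,'
    "false,,false,false,false,,,false,false,,2022-11-17T00:00:01.315Z,0\n"
    "CVE-2013-3926,https://securityvulnerability.io/vulnerability/CVE-2013-3926,,"
    '"Alleged ""symmetric backdoor""; vendor could not reproduce it.",Atlassian,'
    "Crowd,,,0.010579999536275864,false,,false,false,false,,,false,false,,"
    "2013-07-01T21:00:00.000Z,0\n"
)


@dataclass
class Record:
    cve: str
    description: str
    products: Tuple[str, ...]
    cvss: Optional[float]  # None when the score cell is empty (the 2013 rows)
    epss: float            # FIRST EPSS probability, 0.0 if the cell is empty
    in_kev: bool           # "cisa" column: listed in CISA's KEV catalogue
    exploited: bool        # exploitation observed in the wild
    has_poc: bool          # a public proof of concept exists


def _flag(cell: str) -> bool:
    """Boolean cells are 'true', 'false' or empty; empty counts as false."""
    return cell.strip().lower() == "true"


def _number(cell: str) -> Optional[float]:
    # Numeric cells may be empty; keep that distinct from a real 0.0 score.
    cell = cell.strip()
    return float(cell) if cell else None


def parse_export(text: str) -> List[Record]:
    """Parse the 21-column export; csv handles "" escapes and multi-line fields."""
    reader = csv.DictReader(io.StringIO(text))
    if reader.fieldnames is None or len(reader.fieldnames) != 21:
        raise ValueError("unexpected header: %r" % (reader.fieldnames,))
    records = []
    for row in reader:
        # DictReader parks surplus cells under the None key and fills short
        # rows with None values; either means a broken record, so fail loudly.
        if None in row or None in row.values():
            raise ValueError("malformed row for %s" % row.get("cve"))
        records.append(Record(
            cve=row["cve"],
            description=row["description"],
            products=tuple(p.strip() for p in row["products"].split(",") if p.strip()),
            cvss=_number(row["score"]),
            epss=_number(row["epss"]) or 0.0,
            in_kev=_flag(row["cisa"]),
            exploited=_flag(row["exploited"]),
            has_poc=_flag(row["poc"]),
        ))
    return records


def priority_key(r: Record) -> tuple:
    """Highest first: KEV listing, then observed exploitation, then a public PoC,
    then EPSS. CVSS is only the final tiebreaker, so an empty score cell never
    decides where a record lands."""
    return (r.in_kev, r.exploited, r.has_poc, r.epss,
            r.cvss if r.cvss is not None else 0.0)


def triage(text: str) -> List[Record]:
    """Records in patch order, most urgent first."""
    return sorted(parse_export(text), key=priority_key, reverse=True)


def explain(r: Record) -> str:
    """One line per CVE stating why it sits where it does in the queue."""
    reasons = []
    if r.in_kev:
        reasons.append("CISA KEV")
    if r.exploited:
        reasons.append("exploitation observed")
    if r.has_poc:
        reasons.append("public PoC")
    reasons.append("EPSS %.3f" % r.epss)
    reasons.append("CVSS %s" % ("n/a" if r.cvss is None else "%.1f" % r.cvss))
    return "%s: %s" % (r.cve, ", ".join(reasons))


if __name__ == "__main__":
    print("\n".join(explain(r) for r in triage(SAMPLE_CSV)))
```

Run against the full export, CVE-2019-11580 lands at the top on its KEV listing alone, while the two 2013 records, which have no CVSS score at all, are still ranked by EPSS rather than dropped; the explicit row-shape check matters because the same data, copied out of a web page, arrives with records run together on one line, and a silent DictReader would then mislabel every cell after the break.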