cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-37843,https://securityvulnerability.io/vulnerability/CVE-2021-37843,Authentication Bypass in SAML SSO Apps for Atlassian Products,"This vulnerability allows a remote attacker to gain unauthorized access to user accounts in SAML SSO applications used by Atlassian products, merely by knowing the username. No additional authentication is needed, making it critical for organizations to patch affected versions of Jira, Confluence, Bitbucket, Bamboo, and Fisheye to safeguard against potential account compromises.",Atlassian,Saml Single Sign On,9.8,CRITICAL,0.005270000081509352,false,,false,false,false,,,false,false,,2021-08-02T18:47:32.000Z,0
CVE-2019-13347,https://securityvulnerability.io/vulnerability/CVE-2019-13347,SAML Single Sign On Vulnerability in Atlassian Products,"The SAML Single Sign On (SSO) plugin for various Atlassian products contains a vulnerability that permits locally disabled users to reactivate their accounts simply by accessing the instances of Jira, Confluence, Bitbucket, or Bamboo. This occurs even if the relevant configuration option designed to prevent this reactivation is disabled. For this exploitation to be successful, the attacker must possess valid authorization from the identity provider and the plugin's 'User Update Method' setting must be configured to 'Update from SAML Attributes'.",Atlassian,Saml Single Sign On,7.5,HIGH,0.0010000000474974513,false,,false,false,false,,,false,false,,2019-12-13T12:17:14.000Z,0