Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2018-04-10T13:00:00Z
Updated: 2024-09-16T17:19:13.139Z
Reserved: 2018-02-01T00:00:00
Link: CVE-2017-18101
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-04-10T13:29:00.383
Modified: 2024-11-21T03:19:21.673
Link: CVE-2017-18101
Redhat
No data.