The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and from version 7.13.0 before version 7.13.1 allows remote attackers who have administrator rights to determine the existence of internal hosts & open ports and in some cases obtain service information from internal network resources via a Server Side Request Forgery (SSRF) vulnerability.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JRASERVER-68527 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2019-02-13T18:00:00Z
Updated: 2024-09-16T17:28:16.895Z
Reserved: 2018-07-06T00:00:00
Link: CVE-2018-13404
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-02-13T18:29:00.417
Modified: 2024-11-21T03:47:02.353
Link: CVE-2018-13404
Redhat
No data.