CVE-2018-5231

Published: May 16, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests to it.

Affected (4)

Products: Atlassian: Jira, Jira Server

2 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Atlassian Jira	Before 7.6.6
Atlassian Jira Server	From 7.7.0 to 7.7.4
Atlassian Jira Server	From 7.8.0 to 7.8.4
Atlassian Jira Server	From 7.9.0 to 7.9.2

References (4)

http://www.securityfocus.com/bid/104205

Source: security@atlassian.com

Third Party AdvisoryVDB Entry

https://jira.atlassian.com/browse/JRASERVER-67290

Source: security@atlassian.com

Vendor Advisory

http://www.securityfocus.com/bid/104205

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://jira.atlassian.com/browse/JRASERVER-67290

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.