| |
Vulnerability CVE-2017-16858
Published: 2018-01-31
Description: |
The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 allowed an attacker to impersonate a Crowd user in REST requests by being able to authenticate to a directory bound to an application using the feature. Given the following situation: the Crowd application is bound to directory 1 and has a user called admin and the Google Apps application is bound to directory 2, which also has a user called admin, it was possible to authenticate REST requests using the credentials of the user coming from directory 2 and impersonate the user from directory 1. |
Type:
CWE-287 (Improper Authentication)
CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.9/10 |
4.9/10 |
6.8/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
Single time |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
None |
References: |
https://jira.atlassian.com/browse/CWD-5009
|
|
|
Copyright 2024, cxsecurity.com
|
|
|