Vulnerability CVE-2018-13401


Published: 2018-10-23

Description:
The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allows remote attackers to obtain a user's Cross-site request forgery (CSRF) token through an open redirect vulnerability.

Type:

CWE-601

(URL Redirection to Untrusted Site ('Open Redirect'))

Vendor: Atlassian
Product: JIRA 
Version:
7.9.2
7.9.1
7.9.0
7.8.4
7.8.3
7.8.2
7.8.1
7.8.0
7.7.4
7.7.3
7.7.2
7.7.1
7.7.0
7.6.8
7.6.7
7.6.6
7.6.5
7.6.4
7.6.3
7.6.2
7.6.1
7.6.0
7.5.4
7.5.3
7.5.2
7.5.1
7.5.0
7.4.6
7.4.5
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.3.9
7.3.8
7.3.7
7.3.6
7.3.5
7.3.4
7.3.3
7.3.2
7.3.1
7.3.0
7.2.9
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.15
7.2.14
7.2.13
7.2.12
7.2.11
7.2.10
7.2.1
7.2.0
7.12.2
7.12.1
7.12.0
7.11.2
7.11.1
7.11.0
7.10.2
7.10.1
7.10.0
7.1.9
7.1.8
7.1.7
7.1.6
7.1.4
7.1.2
7.1.10
7.1.1
7.1.0
7.0.9
7.0.5
7.0.4
7.0.3
7.0.2
7.0.11
7.0.10_
7.0.0
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.1
See more versions on NVD

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
4.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
http://www.securityfocus.com/bid/105751
https://jira.atlassian.com/browse/JRASERVER-68139

Related CVE
CVE-2018-20241
The Edit upload resource for a review in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the wbuser parameter.
CVE-2018-20240
The administrative linker functionality in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the href parameter.
CVE-2018-20238
Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability.
CVE-2018-20237
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.
CVE-2018-20232
The labels widget gadget in Atlassian Jira before version 7.6.11 and from version 7.7.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the rendering of retrieved ...
CVE-2018-13404
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from...
CVE-2018-13403
The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross s...
CVE-2016-10740
Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to requests for these resources.

Copyright 2019, cxsecurity.com

 

Back to Top