Vulnerability CVE-2018-20238


Published: 2019-02-13

Description:
Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability.

Type:

CWE-384

(Session Fixation)

Vendor: Atlassian
Product: Crowd 
Version:
3.3.3
3.3.2
3.3.1
3.3.0
3.2.6
3.2.5
3.2.3
3.2.2
3.2.1
3.2.0
3.1.5
3.1.4
3.1.3
3.1.2
3.1.1
3.0.3
3.0.2
3.0.1
3.0.0
2.9.7
2.9.5
2.9.1
2.9.0
2.8.4
2.6.3
2.6.2
2.6.1
2.6.0
2.5.4
2.5.3
2.5.2
2.5.1
2.5.0
2.5
2.4.9
2.4.2
2.4.10
2.4.1
2.4
2.3.9
2.3.8
2.3.7
2.3.6
2.3.4
2.3.3
2.3.2
2.3.1
2.2.9
2.2.7
2.2.4
2.2.2
2.10.1
2.1.2
2.1.1
2.1
2.0.9
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1
2.0
1.6.3
1.6.1
1.6
1.5.3
1.5.2
1.5.1
1.5
1.4.8
1.4.7
1.4.4
1.4.3
1.4.2
1.4.1
1.4
1.3.3
1.3.2
1.3.1
1.3
1.2.4
1.2.2
1.2.1
1.2
1.1.2
1.1.1
1.1.0
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0
0.4.5
0.4.4
0.4.3
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.5/10
4.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
http://www.securityfocus.com/bid/107036
https://jira.atlassian.com/browse/CWD-5361

Related CVE
CVE-2019-8448
The login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
CVE-2019-11581
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server o...
CVE-2018-20827
The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.
CVE-2018-20826
The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check.
CVE-2019-11583
The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name".
CVE-2019-11582
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI.
CVE-2019-3397
Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.15.x), from 5.16.0 befo...
CVE-2019-11580
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerabilit...

Copyright 2019, cxsecurity.com

 

Back to Top