github - ghsa-j835-6ff4-p3mc

ghsa-j835-6ff4-p3mc

Vulnerability from github

Published

2022-11-17 03:30

Modified

2022-11-18 21:30

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the {{usermanagement}} path. This vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default. The affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-43782"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-17T00:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd\u0027s REST API under the {{usermanagement}} path. This vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default. The affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3",
  "id": "GHSA-j835-6ff4-p3mc",
  "modified": "2022-11-18T21:30:18Z",
  "published": "2022-11-17T03:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43782"
    },
    {
      "type": "WEB",
      "url": "https://jira.atlassian.com/browse/CWD-5888"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2022-43782

Vulnerability from cvelistv5

Published

2022-11-17 00:00

Modified

2024-10-02 15:05

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the {{usermanagement}} path. This vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default. The affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3

References

▼	URL	Tags
	https://jira.atlassian.com/browse/CWD-5888

Impacted products

▼	Vendor	Product
	Atlassian	Crowd Data Center
	Atlassian	Crowd Server

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:40:06.314Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/CWD-5888"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "crowd",
            "vendor": "atlassian",
            "versions": [
              {
                "lessThan": "4.4.4",
                "status": "affected",
                "version": "3.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "5.0.3",
                "status": "affected",
                "version": "5.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-43782",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T15:01:35.451793Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T15:05:47.174Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Crowd Data Center",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "before 3.0.0"
            },
            {
              "status": "affected",
              "version": "before 4.4.4"
            },
            {
              "status": "affected",
              "version": "before 5.0.3"
            }
          ]
        },
        {
          "product": "Crowd Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "before 3.0.0"
            },
            {
              "status": "affected",
              "version": "before 4.4.4"
            },
            {
              "status": "affected",
              "version": "before 5.0.3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ashish Kotha"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected versions of Atlassian Crowd allow an attacker to authenticate as the\u00a0crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd\u0027s REST API under the {{usermanagement}}\u00a0path.\n\nThis vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default.\n\nThe affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Security Misconfiguration",
              "lang": "en",
              "type": "Security Misconfiguration"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-17T00:00:01.315Z",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "url": "https://jira.atlassian.com/browse/CWD-5888"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2022-43782",
    "datePublished": "2022-11-17T00:00:01.315Z",
    "dateReserved": "2022-10-26T14:49:11.115Z",
    "dateUpdated": "2024-10-02T15:05:47.174Z",
    "requesterUserId": "4ceb4895-2afc-4c29-bf72-c2e04b367c52",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.