CVE-2018-20238

HIGH

8.1

CVSS Severity Score

EPSS Score0.0520%

EPSS Percentile7.47th

Published2019年2月13日

Last Modified2024年11月21日

Vulnerability Description

Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability.

Affected Platforms (CPE)

📦

Atlassian

Crowd

< 3.2.7

📦

Atlassian

Crowd

>= 3.3.0 and < 3.3.4

References & Advisories

🔗 http://www.securityfocus.com/bid/107036

🔗 https://jira.atlassian.com/browse/CWD-5361

🔗 http://www.securityfocus.com/bid/107036

🔗 https://jira.atlassian.com/browse/CWD-5361

Vulnerability Description

Affected Platforms (CPE)

Crowd

Crowd

References & Advisories

相关漏洞威胁