Security Advisory

CVE-2021-43954

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-14 01:45:18

Last updated 2024-10-04 18:45:42

Assigner atlassian

State PUBLISHED

Description

The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed remote attackers, who have can add repository permission, to enumerate the existence of internal network and filesystem resources via a Server-Side Request Forgery (SSRF) vulnerability.

← Browse all CVEs View on cve.org ↗