atlassian

468 tracked vulnerabilities.

CVE-2019-14999 MEDIUM
Atlassian Universal Plugin Manager <2.22.19, 3.0.0-3.0.3, 4.0.0-4.0.3 CSRF via Uninstall REST Endpoint
Aug 23, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-11589 MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - Open Redirect
Aug 23, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-11588 MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - CSRF
Aug 23, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-11587 MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - CSRF
Aug 23, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-11586 MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - CSRF
Aug 23, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-11585 MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - Open Redirect
Aug 23, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-11584 MEDIUM
Jira < 8.3.2 - Stored Cross-Site Scripting via Priority Icon URL
Aug 23, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-15053 MEDIUM
HTML Include and Replace Macro < 1.4.2 - Cross-Site Scripting via IFRAME Element
Aug 14, 2019
CVSS 6.8
EPSS 0.01
CVE-2019-8448 MEDIUM
Jira Server 7.11.0-7.13.3 and 8.0.0-8.2.1 - Username Enumeration via Login Page
Aug 13, 2019
CVSS 5.3
EPSS 0.00
CVE-2019-11581 CRITICAL KEVNUCLEI
Jira Server/Data Center <7.6.14, <7.13.5, <8.0.3, <8.1.2, <8.2.3 - RCE
Aug 09, 2019
CVSS 9.8
EPSS 0.94
CVE-2019-13990 CRITICAL
Terracotta Quartz Scheduler <2.3.0 - SSRF
Jul 26, 2019
CVSS 9.8
EPSS 0.13
CVE-2019-11583 MEDIUM
Jira < 8.1.0 - Denial of Service via Epic Name Search Ordering
Jun 26, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-11582 HIGH
Atlassian Sourcetree for Windows <3.1.3 - Command Injection
Jun 14, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-3397 CRITICAL
Atlassian Bitbucket < 5.13.6 - Path Traversal
Jun 03, 2019
CVSS 9.1
EPSS 0.05
CVE-2019-11580 CRITICAL KEVNUCLEI
Atlassian Crowd 2.1.0-3.4.3 - Remote Code Execution via pdkinstall Plugin
Jun 03, 2019
CVSS 9.8
EPSS 0.94
CVE-2019-8443 HIGH
Jira < 7.13.4, 8.0.0-8.0.4, 8.1.0-8.1.1 - Improper Authentication via ViewUpgrades Resource
May 22, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-8442 HIGH NUCLEI
Jira <7.13.4, <8.0.4, <8.1.1 - Path Traversal
May 22, 2019
CVSS 7.5
EPSS 0.93
CVE-2019-3403 MEDIUM NUCLEI
Jira < 7.13.3, 8.0.0-8.0.3, 8.1.0 - Unauthenticated Username Enumeration via User Picker REST Endpoint
May 22, 2019
CVSS 5.3
EPSS 0.83
CVE-2019-3402 MEDIUM NUCLEI
Jira <7.13.3 and 8.0.0-8.1.1 - Cross-Site Scripting via searchOwnerUserName Parameter
May 22, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-3401 MEDIUM NUCLEI
Jira < 7.13.3 and 8.0.0-8.1.1 - Unauthenticated Username Enumeration via ManageFilters.jspa
May 22, 2019
CVSS 5.3
EPSS 0.66
CVE-2019-3400 MEDIUM
Jira Server < 7.13.2 and 8.0.0-8.0.2 - Cross-Site Scripting via JQL Parameter
May 03, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-3399 HIGH
Jira <7.13.2 and 8.0.0-8.0.2 - Unauthenticated Information Disclosure via BrowseProjects.jspa
Apr 30, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-3398 HIGH KEVNUCLEI
Confluence Server 6.15.1 - Path Traversal and Remote Code Execution
Apr 18, 2019
CVSS 8.8
EPSS 0.94
CVE-2019-3396 CRITICAL KEVNUCLEI
Atlassian Confluence Widget Connector Macro Velocity Template Injection
Mar 25, 2019
CVSS 9.8
EPSS 0.94
CVE-2019-3395 CRITICAL
Atlassian Confluence <6.6.12, 6.13.0-6.13.3 - Server-Side Request Forgery via WebDAV Endpoint
Mar 25, 2019
CVSS 9.8
EPSS 0.08
Products
jira 142 jira_server 135 jira_data_center 79 crucible 52 fisheye 52 confluence_server 49 jira_software_data_center 39 data_center 38 confluence_data_center 36 bamboo 24 crowd 24 bitbucket 20 confluence 19 jira_service_management 16 sourcetree 15 jira_align 13 jira_service_desk 12 application_links 7 Atlassian Fisheye and Crucible 5 hipchat 5 agiloft 4 floodlight 4 Bamboo 3 bitbucket_data_center 3 companion 3 hipchat_server 3 questions_for_confluence 3 universal_plugin_manager 3 Atlassian Crucible 2 Bamboo Data Center 2
Quick Filters
Critical CVEs With Exploits In CISA KEV