CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile: 24.8%
An issue summary information disclosure vulnerability exists in the Atlassian Jira Tempo plugin, version 4.10.0. Authenticated users can obtain the summary of issues they do not have permission to view via the Tempo plugin.
Atlassian Jira 7.6.4; Atlassian Jira Tempo Core system plugin 4.10.0
<https://www.atlassian.com/software/jira>
4.3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE-862 - Missing Authorization
An attacker can use this vector to view the summary of arbitrary issues. For the exploit to succeed, the user must have a valid session. The response does not include any actual time-tracking information collected by the Tempo plugin.
With an authenticated session, submit a GET request to /secure/TempoIssueBoard!timesheet.jspa?issue=<ISSUE-KEY>, replacing <ISSUE-KEY> with a valid issue key.
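Because the request is a single authenticated GET with the issue key in the query string, the defender-side signal is a session walking many (often sequential) issue keys through this one endpoint. The following detection script is an added example, not part of the advisory and not Atlassian's or Tempo's code: it parses a constructed, simplified access-log layout (client IP, user, timestamp, request line, status; adjust the regex to your own Tomcat or proxy log format), keeps only requests to the endpoint named above, and reports users who looked up an unusual number of distinct issue keys or a consecutive run of keys in one project. All log lines and thresholds are constructed for the example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

TEMPO_PATH = "/secure/TempoIssueBoard!timesheet.jspa"

# One access-log line: client IP, authenticated user, timestamp, request line,
# status. This layout is an assumption made for the example; adapt LINE_RE to
# the access-log format your Jira front end actually writes.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})$'
)
# Jira issue keys look like PROJECT-123.
ISSUE_KEY_RE = re.compile(r"^([A-Z][A-Z0-9_]*)-(\d+)$")

# Constructed sample: alice walks sequential keys in one project; bob makes a
# single lookup on an issue he also browses normally, plus one malformed request.
SAMPLE_LOG = "\n".join([
    '10.0.0.5 alice [16/Sep/2019:10:00:01 +0000] "GET /secure/TempoIssueBoard!timesheet.jspa?issue=PROJ-101 HTTP/1.1" 200',
    '10.0.0.5 alice [16/Sep/2019:10:00:02 +0000] "GET /secure/TempoIssueBoard!timesheet.jspa?issue=PROJ-102 HTTP/1.1" 200',
    '10.0.0.5 alice [16/Sep/2019:10:00:03 +0000] "GET /secure/TempoIssueBoard!timesheet.jspa?issue=PROJ-103 HTTP/1.1" 200',
    '10.0.0.5 alice [16/Sep/2019:10:00:04 +0000] "GET /secure/TempoIssueBoard!timesheet.jspa?issue=PROJ-104 HTTP/1.1" 200',
    '10.0.0.5 alice [16/Sep/2019:10:00:05 +0000] "GET /secure/TempoIssueBoard!timesheet.jspa?issue=PROJ-101 HTTP/1.1" 200',
    '10.0.0.9 bob [16/Sep/2019:10:01:00 +0000] "GET /browse/PROJ-101 HTTP/1.1" 200',
    '10.0.0.9 bob [16/Sep/2019:10:01:05 +0000] "GET /secure/TempoIssueBoard!timesheet.jspa?issue=PROJ-101 HTTP/1.1" 200',
    '10.0.0.9 bob [16/Sep/2019:10:01:06 +0000] "GET /secure/TempoIssueBoard!timesheet.jspa?issue=not-a-key HTTP/1.1" 400',
])


def parse_line(line):
    """Return the named fields of one log line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def tempo_lookups(log_text):
    """Yield (user, ip, issue_key) for each request to the Tempo issue endpoint
    whose ?issue= parameter is shaped like a Jira issue key."""
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        parts = urlsplit(rec["target"])
        if parts.path != TEMPO_PATH:
            continue
        for key in parse_qs(parts.query).get("issue", []):
            if ISSUE_KEY_RE.match(key):
                yield rec["user"], rec["ip"], key


def longest_sequential_run(keys):
    """Length of the longest run of consecutive issue numbers within one project."""
    by_project = defaultdict(set)
    for key in keys:
        project, num = ISSUE_KEY_RE.match(key).groups()
        by_project[project].add(int(num))
    best = 0
    for nums in by_project.values():
        for n in nums:
            if n - 1 in nums:  # not the start of a run
                continue
            run = 1
            while n + run in nums:
                run += 1
            best = max(best, run)
    return best


def enumeration_report(log_text, min_distinct=3, min_run=3):
    """Per user, the distinct issue keys requested through the Tempo endpoint,
    keeping only users who touched at least `min_distinct` distinct keys or
    walked a consecutive run of at least `min_run` keys in a single project."""
    per_user = defaultdict(set)
    for user, _ip, key in tempo_lookups(log_text):
        per_user[user].add(key)
    report = {}
    for user, keys in per_user.items():
        run = longest_sequential_run(keys)
        if len(keys) >= min_distinct or run >= min_run:
            report[user] = {"distinct": len(keys), "longest_run": run, "keys": sorted(keys)}
    return report


if __name__ == "__main__":
    for user, info in enumeration_report(SAMPLE_LOG).items():
        print(f"{user}: {info['distinct']} distinct keys, "
              f"longest sequential run {info['longest_run']}")
```

Tune `min_distinct` and `min_run` against a baseline of normal Tempo usage before alerting on them, and pair this with a cross-check against Jira's own permission model where possible: a user whose Tempo lookups include keys from projects they cannot browse is a far stronger indicator than volume alone.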
2019-05-14 - Vendor Disclosure
2019-06-11 - Issued to 3rd party vendor (Tempo)
2019-06-21 - Vendor (Tempo) fixed
2019-09-16 - Public Release