What is the severity of CVE-2017-18101?

CVE-2017-18101 has a medium severity rating, allowing unauthorized remote import operations.

How do I fix CVE-2017-18101?

To fix CVE-2017-18101, upgrade Atlassian JIRA to version 7.6.5 or any later versions above 7.7.3, 7.8.3, or 7.9.0.

What versions of Atlassian JIRA are affected by CVE-2017-18101?

CVE-2017-18101 affects versions of Atlassian JIRA before 7.6.5, 7.7.0 to 7.7.3, 7.8.0 to 7.8.3, and all versions prior to 7.9.0.

Can CVE-2017-18101 allow data exposure?

Yes, CVE-2017-18101 could allow attackers to determine if certain import operations can be executed, potentially exposing sensitive data.

What impact does CVE-2017-18101 have on system security?

CVE-2017-18101 poses a risk to system security by enabling unauthorized users to perform import operations, which may lead to further exploitation.

Vulnerability/
CVE-2017-18101

medium

6.5

CWE

862 284

10/4/2018

16/9/2024

CVE-2017-18101

First published: Tue Apr 10 2018(Updated: )

Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks.

Credit: security@atlassian.com

Affected Software	Affected Version	How to fix
Atlassian Jira	<7.6.5
Atlassian Server	>=7.7.0<7.7.3
Atlassian Server	>=7.8.0<7.8.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-18101?
CVE-2017-18101 has a medium severity rating, allowing unauthorized remote import operations.
How do I fix CVE-2017-18101?
To fix CVE-2017-18101, upgrade Atlassian JIRA to version 7.6.5 or any later versions above 7.7.3, 7.8.3, or 7.9.0.
What versions of Atlassian JIRA are affected by CVE-2017-18101?
CVE-2017-18101 affects versions of Atlassian JIRA before 7.6.5, 7.7.0 to 7.7.3, 7.8.0 to 7.8.3, and all versions prior to 7.9.0.
Can CVE-2017-18101 allow data exposure?
Yes, CVE-2017-18101 could allow attackers to determine if certain import operations can be executed, potentially exposing sensitive data.
What impact does CVE-2017-18101 have on system security?
CVE-2017-18101 poses a risk to system security by enabling unauthorized users to perform import operations, which may lead to further exploitation.

agent/type
agent/weakness
agent/references
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/atlassian
canonical/atlassian jira
canonical/atlassian server
version/atlassian server/7.7.0
version/atlassian server/7.8.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.