First published: Mon Aug 03 2020(Updated: )
Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
Credit: security@atlassian.com
Affected Software | Affected Version | How to fix |
---|---|---|
Atlassian FishEye | <4.8.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2017-18112.
Affected versions of Atlassian FishEye are impacted by this vulnerability.
The severity of CVE-2017-18112 is considered medium with a severity value of 6.5.
Remote attackers can exploit CVE-2017-18112 to view the HTTP password of a repository through an Information Disclosure vulnerability in the logging feature.
To fix CVE-2017-18112, upgrade Atlassian FishEye to version 4.8.3 or newer.