CVE-2018-5231

The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests to it.

Published: May 16, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-5231
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
atlassian / jira	-	7.6.6
atlassian / jira_server	7.7.0	7.7.4
atlassian / jira_server	7.9.0	7.9.2
atlassian / jira_server	7.8.0	7.8.4

http://www.securityfocus.com/bid/104205
https://jira.atlassian.com/browse/JRASERVER-67290

Vulnerability Database

289,697

CVE-2018-5231