Atlassian - Crowd2 CVE

Filtered by vendor Atlassian Subscribe

Filtered by product Crowd2

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-1000423	1 Atlassian	1 Crowd2	2020-08-24	2.1 LOW	7.8 HIGH
An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java, CrowdConfigurationService.java that allows attackers with local file system access to obtain the credentials used to connect to Crowd 2.

Vulnerabilities (CVE)