Vulnerability-Lookup

CVE-2021-26077 (GCVE-0-2021-26077)

Vulnerability from cvelistv5 – Published: 2021-05-09 23:55 – Updated: 2025-02-12 20:57

Summary

Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.

Severity ?

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L

CWE

Broken Authentication

Assigner

atlassian

References

URL

Tags

	https://community.developer.atlassian.com/t/actio…	x_refsource_MISC
	https://confluence.atlassian.com/pages/viewpage.a…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Atlassian	Atlassian Connect Spring Boot (ACSB)	Affected: 1.1.0 , < unspecified (custom) Affected: unspecified , < 2.1.3 (custom) Affected: 2.1.4 , < unspecified (custom) Affected: unspecified , < 2.1.5 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:19:19.375Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-26077",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T20:57:46.523916Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-287",
                "description": "CWE-287 Improper Authentication",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T20:57:51.249Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Atlassian Connect Spring Boot (ACSB)",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "1.1.0",
              "versionType": "custom"
            },
            {
              "lessThan": "2.1.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "2.1.4",
              "versionType": "custom"
            },
            {
              "lessThan": "2.1.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-05-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Broken Authentication",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-09T23:55:09.000Z",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@atlassian.com",
          "DATE_PUBLIC": "2021-05-07T12:00:00",
          "ID": "CVE-2021-26077",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Atlassian Connect Spring Boot (ACSB)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "1.1.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "2.1.3"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "2.1.4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "2.1.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Atlassian"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Broken Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072",
              "refsource": "MISC",
              "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
            },
            {
              "name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147",
              "refsource": "MISC",
              "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2021-26077",
    "datePublished": "2021-05-09T23:55:09.616Z",
    "dateReserved": "2021-01-25T00:00:00.000Z",
    "dateUpdated": "2025-02-12T20:57:51.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-26077\",\"sourceIdentifier\":\"security@atlassian.com\",\"published\":\"2021-05-10T00:15:07.543\",\"lastModified\":\"2025-02-12T21:15:10.730\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.\"},{\"lang\":\"es\",\"value\":\"Autenticaci\u00f3n rota en Atlassian Connect Spring Boot (ACSB) en la versi\u00f3n 1.1.0 antes de la versi\u00f3n 2.1.3 y a partir de la versi\u00f3n 2.1.4 antes de la versi\u00f3n 2.1.5: Atlassian Connect Spring Boot es un paquete Java Spring Boot para crear aplicaciones de Atlassian Connect. La autenticaci\u00f3n entre los productos de Atlassian y la aplicaci\u00f3n Atlassian Connect Spring Boot se produce con un JWT de servidor a servidor o un JWT de contexto. Las versiones de Atlassian Connect Spring Boot 1.1.0 antes de la versi\u00f3n 2.1.3 y las versiones 2.1.4 antes de la versi\u00f3n 2.1.5 aceptan err\u00f3neamente JWTs de contexto en los puntos finales del ciclo de vida (como la instalaci\u00f3n) cuando s\u00f3lo deber\u00edan aceptarse JWTs de servidor a servidor, lo que permite a un atacante enviar eventos de reinstalaci\u00f3n autenticados a una aplicaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.1,\"impactScore\":5.3}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:connect_spring_boot:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.0\",\"versionEndExcluding\":\"2.1.3\",\"matchCriteriaId\":\"2AA2CBC2-F9F4-4F3C-8446-D995F1D8AE2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:connect_spring_boot:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.1.4\",\"versionEndExcluding\":\"2.1.5\",\"matchCriteriaId\":\"66CA153C-C748-4587-BFAE-5DD259FAA94B\"}]}]}],\"references\":[{\"url\":\"https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147\",\"source\":\"security@atlassian.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T20:19:19.375Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-26077\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-12T20:57:46.523916Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-12T20:57:36.758Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Atlassian\", \"product\": \"Atlassian Connect Spring Boot (ACSB)\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.1.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"2.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2.1.4\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"2.1.5\", \"versionType\": \"custom\"}]}], \"datePublic\": \"2021-05-07T00:00:00.000Z\", \"references\": [{\"url\": \"https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Broken Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"shortName\": \"atlassian\", \"dateUpdated\": \"2021-05-09T23:55:09.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"1.1.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"2.1.3\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"2.1.4\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"2.1.5\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Atlassian Connect Spring Boot (ACSB)\"}]}, \"vendor_name\": \"Atlassian\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072\", \"name\": \"https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072\", \"refsource\": \"MISC\"}, {\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147\", \"name\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Broken Authentication\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-26077\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@atlassian.com\", \"DATE_PUBLIC\": \"2021-05-07T12:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-26077\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-12T20:57:51.249Z\", \"dateReserved\": \"2021-01-25T00:00:00.000Z\", \"assignerOrgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"datePublished\": \"2021-05-09T23:55:09.616Z\", \"assignerShortName\": \"atlassian\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2021-26077

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-26077

Aliases

CVE-2021-26077

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-26077",
    "description": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.",
    "id": "GSD-2021-26077"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-26077"
      ],
      "details": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.",
      "id": "GSD-2021-26077",
      "modified": "2023-12-13T01:23:33.133568Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@atlassian.com",
        "DATE_PUBLIC": "2021-05-07T12:00:00",
        "ID": "CVE-2021-26077",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Atlassian Connect Spring Boot (ACSB)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003e=",
                          "version_value": "1.1.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "2.1.3"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "2.1.4"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "2.1.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Atlassian"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Broken Authentication"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072",
            "refsource": "MISC",
            "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
          },
          {
            "name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147",
            "refsource": "MISC",
            "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[1.1.0,2.1.3),[2.1.4,2.1.5)",
          "affected_versions": "All versions starting from 1.1.0 before 2.1.3, all versions starting from 2.1.4 before 2.1.5",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-287",
            "CWE-937"
          ],
          "date": "2021-06-16",
          "description": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.",
          "fixed_versions": [
            "2.1.3",
            "2.1.5"
          ],
          "identifier": "CVE-2021-26077",
          "identifiers": [
            "GHSA-2x7v-w2mv-f3rx",
            "CVE-2021-26077"
          ],
          "not_impacted": "All versions before 1.1.0, all versions starting from 2.1.3 before 2.1.4, all versions starting from 2.1.5",
          "package_slug": "maven/com.atlassian.connect/atlassian-connect-spring-boot",
          "pubdate": "2021-06-16",
          "solution": "Upgrade to versions 2.1.3, 2.1.5 or above.",
          "title": "Improper Authentication",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-26077",
            "https://github.com/advisories/GHSA-2x7v-w2mv-f3rx"
          ],
          "uuid": "ca47ba53-3ee7-45a8-bbc9-03c1ff7e5f0e"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:connect_spring_boot:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.1.3",
                "versionStartIncluding": "1.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:connect_spring_boot:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.1.5",
                "versionStartIncluding": "2.1.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@atlassian.com",
          "ID": "CVE-2021-26077"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
            },
            {
              "name": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-05-18T17:43Z",
      "publishedDate": "2021-05-10T00:15Z"
    }
  }
}

CNVD-2021-38775

Vulnerability from cnvd - Published: 2021-06-02

Title

Atlassian Connect Spring Boot授权问题漏洞

Description

Atlassian Connect Spring Boot是澳大利亚Atlassian公司的一个应用组件。提供一个Spring Boot入门程序，用于为JIRA（软件，服务台和核心）和Confluence构建Atlassian Connect附加组件。 Atlassian Connect Spring Boot存在授权问题漏洞。该漏洞源于程序错误地接受生命周期终结点（例如安装）中的上下文JWT，从而允许攻击者发送经过身份验证的重新安装事件到应用程序。

Severity

中

Patch Name

Atlassian Connect Spring Boot授权问题漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-26077

Impacted products

Name
['Atlassian Connect Spring Boot >=1.1.0，<2.1.3', 'Atlassian Connect Spring Boot >=2.1.4，<2.1.5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-26077"
    }
  },
  "description": "Atlassian Connect Spring Boot\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u7ec4\u4ef6\u3002\u63d0\u4f9b\u4e00\u4e2aSpring Boot\u5165\u95e8\u7a0b\u5e8f\uff0c\u7528\u4e8e\u4e3aJIRA\uff08\u8f6f\u4ef6\uff0c\u670d\u52a1\u53f0\u548c\u6838\u5fc3\uff09\u548cConfluence\u6784\u5efaAtlassian Connect\u9644\u52a0\u7ec4\u4ef6\u3002\n\nAtlassian Connect Spring Boot\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u9519\u8bef\u5730\u63a5\u53d7\u751f\u547d\u5468\u671f\u7ec8\u7ed3\u70b9\uff08\u4f8b\u5982\u5b89\u88c5\uff09\u4e2d\u7684\u4e0a\u4e0b\u6587JWT\uff0c\u4ece\u800c\u5141\u8bb8\u653b\u51fb\u8005\u53d1\u9001\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u91cd\u65b0\u5b89\u88c5\u4e8b\u4ef6\u5230\u5e94\u7528\u7a0b\u5e8f\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-38775",
  "openTime": "2021-06-02",
  "patchDescription": "Atlassian Connect Spring Boot\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u7ec4\u4ef6\u3002\u63d0\u4f9b\u4e00\u4e2aSpring Boot\u5165\u95e8\u7a0b\u5e8f\uff0c\u7528\u4e8e\u4e3aJIRA\uff08\u8f6f\u4ef6\uff0c\u670d\u52a1\u53f0\u548c\u6838\u5fc3\uff09\u548cConfluence\u6784\u5efaAtlassian Connect\u9644\u52a0\u7ec4\u4ef6\u3002\r\n\r\nAtlassian Connect Spring Boot\u5b58\u5728\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u9519\u8bef\u5730\u63a5\u53d7\u751f\u547d\u5468\u671f\u7ec8\u7ed3\u70b9\uff08\u4f8b\u5982\u5b89\u88c5\uff09\u4e2d\u7684\u4e0a\u4e0b\u6587JWT\uff0c\u4ece\u800c\u5141\u8bb8\u653b\u51fb\u8005\u53d1\u9001\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u91cd\u65b0\u5b89\u88c5\u4e8b\u4ef6\u5230\u5e94\u7528\u7a0b\u5e8f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Atlassian Connect Spring Boot\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Atlassian Connect Spring Boot \u003e=1.1.0\uff0c\u003c2.1.3",
      "Atlassian Connect Spring Boot \u003e=2.1.4\uff0c\u003c2.1.5"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-26077",
  "serverity": "\u4e2d",
  "submitTime": "2021-05-11",
  "title": "Atlassian Connect Spring Boot\u6388\u6743\u95ee\u9898\u6f0f\u6d1e"
}

GHSA-2X7V-W2MV-F3RX

Vulnerability from github – Published: 2021-06-16 17:23 – Updated: 2021-05-19 19:44

Summary

Improper Authentication in Atlassian Connect Spring Boot

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.atlassian.connect:atlassian-connect-spring-boot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.1.0"
            },
            {
              "fixed": "2.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.atlassian.connect:atlassian-connect-spring-boot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.4"
            },
            {
              "fixed": "2.1.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-26077"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-19T19:44:33Z",
    "nvd_published_at": "2021-05-10T00:15:00Z",
    "severity": "HIGH"
  },
  "details": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.",
  "id": "GHSA-2x7v-w2mv-f3rx",
  "modified": "2021-05-19T19:44:33Z",
  "published": "2021-06-16T17:23:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26077"
    },
    {
      "type": "WEB",
      "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
    },
    {
      "type": "WEB",
      "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Authentication in Atlassian Connect Spring Boot"
}

FKIE_CVE-2021-26077

Vulnerability from fkie_nvd - Published: 2021-05-10 00:15 - Updated: 2025-02-12 21:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L

Summary

References

URL	Tags
security@atlassian.com	https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072	Exploit, Issue Tracking, Vendor Advisory
security@atlassian.com	https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072	Exploit, Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147	Vendor Advisory

Impacted products

	Vendor	Product	Version
	atlassian	connect_spring_boot	*
	atlassian	connect_spring_boot	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:atlassian:connect_spring_boot:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA2CBC2-F9F4-4F3C-8446-D995F1D8AE2E",
              "versionEndExcluding": "2.1.3",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:connect_spring_boot:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66CA153C-C748-4587-BFAE-5DD259FAA94B",
              "versionEndExcluding": "2.1.5",
              "versionStartIncluding": "2.1.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app."
    },
    {
      "lang": "es",
      "value": "Autenticaci\u00f3n rota en Atlassian Connect Spring Boot (ACSB) en la versi\u00f3n 1.1.0 antes de la versi\u00f3n 2.1.3 y a partir de la versi\u00f3n 2.1.4 antes de la versi\u00f3n 2.1.5: Atlassian Connect Spring Boot es un paquete Java Spring Boot para crear aplicaciones de Atlassian Connect. La autenticaci\u00f3n entre los productos de Atlassian y la aplicaci\u00f3n Atlassian Connect Spring Boot se produce con un JWT de servidor a servidor o un JWT de contexto. Las versiones de Atlassian Connect Spring Boot 1.1.0 antes de la versi\u00f3n 2.1.3 y las versiones 2.1.4 antes de la versi\u00f3n 2.1.5 aceptan err\u00f3neamente JWTs de contexto en los puntos finales del ciclo de vida (como la instalaci\u00f3n) cuando s\u00f3lo deber\u00edan aceptarse JWTs de servidor a servidor, lo que permite a un atacante enviar eventos de reinstalaci\u00f3n autenticados a una aplicaci\u00f3n"
    }
  ],
  "id": "CVE-2021-26077",
  "lastModified": "2025-02-12T21:15:10.730",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 5.3,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-05-10T00:15:07.543",
  "references": [
    {
      "source": "security@atlassian.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://community.developer.atlassian.com/t/action-required-atlassian-connect-vulnerability-allows-bypass-of-app-qsh-verification-via-context-jwts/47072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1063555147"
    }
  ],
  "sourceIdentifier": "security@atlassian.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-26077 (GCVE-0-2021-26077)

GSD-2021-26077

CNVD-2021-38775

GHSA-2X7V-W2MV-F3RX

FKIE_CVE-2021-26077

Tags

Sightings

Nomenclature