CVE-2021-37843

Published Aug 2, 2021

Last updated 3 years ago

CVSS critical 9.8

Overview

Description: The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known (i.e., no other authentication is provided). The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; for Bitbucket 2.5.9, 3.6.6, 4.0.12, 5.0.5; for Bamboo 2.5.9, 3.6.6, 4.0.12, 5.0.5; and for Fisheye 2.5.9.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-306

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bamboo:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD39D258-45B8-434F-BCA9-FC48C909B096",
            "versionEndExcluding": "2.5.9"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bitbucket:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA97D8DF-2000-4491-8B4D-112B738DD10E",
            "versionEndExcluding": "2.5.9"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:fisheye:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE765A7D-D11F-4BE1-A966-E2D4909F07AE",
            "versionEndExcluding": "2.5.9"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "307D4F7D-A358-4B3D-B71A-D7A1B0D6ADDB",
            "versionEndExcluding": "3.5.6"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:jira:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD7C8764-BBB2-42D6-B2D6-BB8DCE397839",
            "versionEndExcluding": "3.6.6.1"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bamboo:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA3485E5-E165-4645-A889-956DF4AB15DD",
            "versionEndExcluding": "3.6.6",
            "versionStartIncluding": "3.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bitbucket:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8442443B-8EC2-4E57-BA18-084A3E417992",
            "versionEndExcluding": "3.6.6",
            "versionStartIncluding": "3.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1B8B377-0DF5-45C0-935E-2FAB5D19596F",
            "versionEndExcluding": "3.6.6.1",
            "versionStartIncluding": "3.6.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bamboo:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37682F3C-7F5C-45D6-9F99-28C61B273D7F",
            "versionEndExcluding": "4.0.12",
            "versionStartIncluding": "4.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bitbucket:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA9F2B09-BF8A-41AA-B778-C5640DA9BCB7",
            "versionEndExcluding": "4.0.12",
            "versionStartIncluding": "4.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "569F643B-A3A2-4CEF-B9C7-C95780944C0A",
            "versionEndExcluding": "4.0.12",
            "versionStartIncluding": "4.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:jira:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE0DEF1A-A4F7-4961-A359-089925518BB3",
            "versionEndExcluding": "4.0.12",
            "versionStartIncluding": "4.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bamboo:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEDAD179-BC50-409F-9818-1CFC5786A2E9",
            "versionEndExcluding": "5.0.5",
            "versionStartIncluding": "5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:bitbucket:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FCA80B4-5D1C-47EF-B050-25317040D58D",
            "versionEndExcluding": "5.0.5",
            "versionStartIncluding": "5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:confluence:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8F83938-C132-4AFA-9171-DED93B641532",
            "versionEndExcluding": "5.0.5",
            "versionStartIncluding": "5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:atlassian:saml_single_sign_on:*:*:*:*:*:jira:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E062ADF6-CA0C-481A-B684-9FC7387976D2",
            "versionEndExcluding": "5.0.5",
            "versionStartIncluding": "5.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References