CVE-2022-43782 (GCVE-0-2022-43782)
Vulnerability from cvelistv5
Published
2022-11-17 00:00
Modified
2024-10-02 15:05
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • Security Misconfiguration
Summary
Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the {{usermanagement}} path. This vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default. The affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3
References
Impacted products
Vendor Product Version
Atlassian Crowd Data Center Version: before 4.4.4
Version: before 5.0.3
 Create a notification for this product.
   Atlassian Crowd Server Version: before 4.4.4
Version: before 5.0.3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:40:06.314Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/CWD-5888"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "crowd",
            "vendor": "atlassian",
            "versions": [
              {
                "lessThan": "4.4.4",
                "status": "affected",
                "version": "3.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "5.0.3",
                "status": "affected",
                "version": "5.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-43782",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T15:01:35.451793Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T15:05:47.174Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Crowd Data Center",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "before 3.0.0"
            },
            {
              "status": "affected",
              "version": "before 4.4.4"
            },
            {
              "status": "affected",
              "version": "before 5.0.3"
            }
          ]
        },
        {
          "product": "Crowd Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "before 3.0.0"
            },
            {
              "status": "affected",
              "version": "before 4.4.4"
            },
            {
              "status": "affected",
              "version": "before 5.0.3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ashish Kotha"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected versions of Atlassian Crowd allow an attacker to authenticate as the\u00a0crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd\u0027s REST API under the {{usermanagement}}\u00a0path.\n\nThis vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default.\n\nThe affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Security Misconfiguration",
              "lang": "en",
              "type": "Security Misconfiguration"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-17T00:00:01.315Z",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "url": "https://jira.atlassian.com/browse/CWD-5888"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2022-43782",
    "datePublished": "2022-11-17T00:00:01.315Z",
    "dateReserved": "2022-10-26T14:49:11.115Z",
    "dateUpdated": "2024-10-02T15:05:47.174Z",
    "requesterUserId": "4ceb4895-2afc-4c29-bf72-c2e04b367c52",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://jira.atlassian.com/browse/CWD-5888\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T13:40:06.314Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-43782\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-02T15:01:35.451793Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*\"], \"vendor\": \"atlassian\", \"product\": \"crowd\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"4.4.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"5.0.0\", \"lessThan\": \"5.0.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-02T15:05:41.241Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Ashish Kotha\"}], \"affected\": [{\"vendor\": \"Atlassian\", \"product\": \"Crowd Data Center\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"before 3.0.0\"}, {\"status\": \"affected\", \"version\": \"before 4.4.4\"}, {\"status\": \"affected\", \"version\": \"before 5.0.3\"}]}, {\"vendor\": \"Atlassian\", \"product\": \"Crowd Server\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"before 3.0.0\"}, {\"status\": \"affected\", \"version\": \"before 4.4.4\"}, {\"status\": \"affected\", \"version\": \"before 5.0.3\"}]}], \"references\": [{\"url\": \"https://jira.atlassian.com/browse/CWD-5888\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Affected versions of Atlassian Crowd allow an attacker to authenticate as the\\u00a0crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd\u0027s REST API under the {{usermanagement}}\\u00a0path.\\n\\nThis vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default.\\n\\nThe affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"Security Misconfiguration\", \"description\": \"Security Misconfiguration\"}]}], \"providerMetadata\": {\"orgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"shortName\": \"atlassian\", \"dateUpdated\": \"2022-11-17T00:00:01.315Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-43782\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-02T15:05:47.174Z\", \"dateReserved\": \"2022-10-26T14:49:11.115Z\", \"assignerOrgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"datePublished\": \"2022-11-17T00:00:01.315Z\", \"requesterUserId\": \"4ceb4895-2afc-4c29-bf72-c2e04b367c52\", \"assignerShortName\": \"atlassian\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.