6.1
CVE-2018-13390
- EPSS 0.11%
- Veröffentlicht 10.08.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:47:00
- Quelle security@atlassian.com
- CVE-Watchlists
- Unerledigt
LoginUnauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Atlassian ≫ Cloudtoken Version >= 0.1.1 < 0.1.24
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.258 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
|
| nvd@nist.gov | 4.8 | 6.5 | 4.9 |
AV:A/AC:L/Au:N/C:P/I:P/A:N
|