Vulnerability Details CVE-2017-8080
Atlassian Hipchat Server before 2.2.4 allows remote authenticated users with user level privileges to execute arbitrary code via vectors involving image uploads.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://www.securityfocus.com/bid/98262
- https://confluence.atlassian.com/hc/hipchat-server-security-advisory-2017-04-24-894234898.html
- https://jira.atlassian.com/browse/HCPUB-2980
- http://www.securityfocus.com/bid/98262
- https://confluence.atlassian.com/hc/hipchat-server-security-advisory-2017-04-24-894234898.html
- https://jira.atlassian.com/browse/HCPUB-2980
Products affected by CVE-2017-8080
-
cpe:2.3:a:atlassian:hipchat_server:2.2.0
-
cpe:2.3:a:atlassian:hipchat_server:2.2.1
-
cpe:2.3:a:atlassian:hipchat_server:2.2.2
-
cpe:2.3:a:atlassian:hipchat_server:2.2.3