CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20233

The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows remote attackers who have system administrator privileges to read files, make network requests and perform a denial of service attack via an XML External Entity vulnerability in the parsing of atlassian plugin xml files in an uploaded JAR.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.5%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 5.5

References

Products affected by CVE-2018-20233

Atlassian » Universal Plugin Manager » Version: 1.0

cpe:2.3:a:atlassian:universal_plugin_manager:1.0
Atlassian » Universal Plugin Manager » Version: 1.0.1

cpe:2.3:a:atlassian:universal_plugin_manager:1.0.1
Atlassian » Universal Plugin Manager » Version: 1.1.1

cpe:2.3:a:atlassian:universal_plugin_manager:1.1.1
Atlassian » Universal Plugin Manager » Version: 1.1.2

cpe:2.3:a:atlassian:universal_plugin_manager:1.1.2
Atlassian » Universal Plugin Manager » Version: 1.1.3

cpe:2.3:a:atlassian:universal_plugin_manager:1.1.3
Atlassian » Universal Plugin Manager » Version: 1.1.4

cpe:2.3:a:atlassian:universal_plugin_manager:1.1.4
Atlassian » Universal Plugin Manager » Version: 1.3.1

cpe:2.3:a:atlassian:universal_plugin_manager:1.3.1
Atlassian » Universal Plugin Manager » Version: 1.3.2

cpe:2.3:a:atlassian:universal_plugin_manager:1.3.2
Atlassian » Universal Plugin Manager » Version: 1.4

cpe:2.3:a:atlassian:universal_plugin_manager:1.4
Atlassian » Universal Plugin Manager » Version: 1.5

cpe:2.3:a:atlassian:universal_plugin_manager:1.5
Atlassian » Universal Plugin Manager » Version: 1.6.1

cpe:2.3:a:atlassian:universal_plugin_manager:1.6.1
Atlassian » Universal Plugin Manager » Version: 1.6.2

cpe:2.3:a:atlassian:universal_plugin_manager:1.6.2
Atlassian » Universal Plugin Manager » Version: 1.6.3

cpe:2.3:a:atlassian:universal_plugin_manager:1.6.3
Atlassian » Universal Plugin Manager » Version: 1.6.4

cpe:2.3:a:atlassian:universal_plugin_manager:1.6.4
Atlassian » Universal Plugin Manager » Version: 2.0

cpe:2.3:a:atlassian:universal_plugin_manager:2.0
Atlassian » Universal Plugin Manager » Version: 2.0.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.0.2
Atlassian » Universal Plugin Manager » Version: 2.0.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.0.3
Atlassian » Universal Plugin Manager » Version: 2.0.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.0.4
Atlassian » Universal Plugin Manager » Version: 2.0.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.0.5
Atlassian » Universal Plugin Manager » Version: 2.0.6

cpe:2.3:a:atlassian:universal_plugin_manager:2.0.6
Atlassian » Universal Plugin Manager » Version: 2.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.1
Atlassian » Universal Plugin Manager » Version: 2.1.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.1.1
Atlassian » Universal Plugin Manager » Version: 2.1.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.1.2
Atlassian » Universal Plugin Manager » Version: 2.1.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.1.3
Atlassian » Universal Plugin Manager » Version: 2.1.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.1.4
Atlassian » Universal Plugin Manager » Version: 2.1.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.1.5
Atlassian » Universal Plugin Manager » Version: 2.10

cpe:2.3:a:atlassian:universal_plugin_manager:2.10
Atlassian » Universal Plugin Manager » Version: 2.10.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.10.1
Atlassian » Universal Plugin Manager » Version: 2.10.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.10.2
Atlassian » Universal Plugin Manager » Version: 2.11

cpe:2.3:a:atlassian:universal_plugin_manager:2.11
Atlassian » Universal Plugin Manager » Version: 2.12

cpe:2.3:a:atlassian:universal_plugin_manager:2.12
Atlassian » Universal Plugin Manager » Version: 2.12.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.12.1
Atlassian » Universal Plugin Manager » Version: 2.12.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.12.2
Atlassian » Universal Plugin Manager » Version: 2.12.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.12.3
Atlassian » Universal Plugin Manager » Version: 2.12.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.12.4
Atlassian » Universal Plugin Manager » Version: 2.13.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.13.3
Atlassian » Universal Plugin Manager » Version: 2.14

cpe:2.3:a:atlassian:universal_plugin_manager:2.14
Atlassian » Universal Plugin Manager » Version: 2.14.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.14.1
Atlassian » Universal Plugin Manager » Version: 2.14.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.14.2
Atlassian » Universal Plugin Manager » Version: 2.14.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.14.3
Atlassian » Universal Plugin Manager » Version: 2.14.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.14.4
Atlassian » Universal Plugin Manager » Version: 2.14.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.14.5
Atlassian » Universal Plugin Manager » Version: 2.15

cpe:2.3:a:atlassian:universal_plugin_manager:2.15
Atlassian » Universal Plugin Manager » Version: 2.15.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.15.1
Atlassian » Universal Plugin Manager » Version: 2.15.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.15.2
Atlassian » Universal Plugin Manager » Version: 2.15.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.15.3
Atlassian » Universal Plugin Manager » Version: 2.16

cpe:2.3:a:atlassian:universal_plugin_manager:2.16
Atlassian » Universal Plugin Manager » Version: 2.16.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.16.1
Atlassian » Universal Plugin Manager » Version: 2.16.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.16.2
Atlassian » Universal Plugin Manager » Version: 2.16.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.16.3
Atlassian » Universal Plugin Manager » Version: 2.16.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.16.4
Atlassian » Universal Plugin Manager » Version: 2.16.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.16.5
Atlassian » Universal Plugin Manager » Version: 2.17

cpe:2.3:a:atlassian:universal_plugin_manager:2.17
Atlassian » Universal Plugin Manager » Version: 2.17.10

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.10
Atlassian » Universal Plugin Manager » Version: 2.17.11

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.11
Atlassian » Universal Plugin Manager » Version: 2.17.13

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.13
Atlassian » Universal Plugin Manager » Version: 2.17.14

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.14
Atlassian » Universal Plugin Manager » Version: 2.17.15

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.15
Atlassian » Universal Plugin Manager » Version: 2.17.17

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.17
Atlassian » Universal Plugin Manager » Version: 2.17.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.4
Atlassian » Universal Plugin Manager » Version: 2.17.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.5
Atlassian » Universal Plugin Manager » Version: 2.17.6

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.6
Atlassian » Universal Plugin Manager » Version: 2.17.7

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.7
Atlassian » Universal Plugin Manager » Version: 2.17.8

cpe:2.3:a:atlassian:universal_plugin_manager:2.17.8
Atlassian » Universal Plugin Manager » Version: 2.18

cpe:2.3:a:atlassian:universal_plugin_manager:2.18
Atlassian » Universal Plugin Manager » Version: 2.18.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.18.1
Atlassian » Universal Plugin Manager » Version: 2.18.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.18.2
Atlassian » Universal Plugin Manager » Version: 2.18.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.18.4
Atlassian » Universal Plugin Manager » Version: 2.18.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.18.5
Atlassian » Universal Plugin Manager » Version: 2.19.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.19.1
Atlassian » Universal Plugin Manager » Version: 2.19.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.19.2
Atlassian » Universal Plugin Manager » Version: 2.19.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.19.3
Atlassian » Universal Plugin Manager » Version: 2.19.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.19.4
Atlassian » Universal Plugin Manager » Version: 2.19.6

cpe:2.3:a:atlassian:universal_plugin_manager:2.19.6
Atlassian » Universal Plugin Manager » Version: 2.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.2
Atlassian » Universal Plugin Manager » Version: 2.2.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.2.2
Atlassian » Universal Plugin Manager » Version: 2.2.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.2.3
Atlassian » Universal Plugin Manager » Version: 2.2.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.2.4
Atlassian » Universal Plugin Manager » Version: 2.20

cpe:2.3:a:atlassian:universal_plugin_manager:2.20
Atlassian » Universal Plugin Manager » Version: 2.20.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.20.1
Atlassian » Universal Plugin Manager » Version: 2.20.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.20.2
Atlassian » Universal Plugin Manager » Version: 2.20.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.20.3
Atlassian » Universal Plugin Manager » Version: 2.20.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.20.4
Atlassian » Universal Plugin Manager » Version: 2.20.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.20.5
Atlassian » Universal Plugin Manager » Version: 2.20.6

cpe:2.3:a:atlassian:universal_plugin_manager:2.20.6
Atlassian » Universal Plugin Manager » Version: 2.20.7

cpe:2.3:a:atlassian:universal_plugin_manager:2.20.7
Atlassian » Universal Plugin Manager » Version: 2.21

cpe:2.3:a:atlassian:universal_plugin_manager:2.21
Atlassian » Universal Plugin Manager » Version: 2.21.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.21.2
Atlassian » Universal Plugin Manager » Version: 2.21.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.21.3
Atlassian » Universal Plugin Manager » Version: 2.21.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.21.4
Atlassian » Universal Plugin Manager » Version: 2.21.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.21.5
Atlassian » Universal Plugin Manager » Version: 2.22

cpe:2.3:a:atlassian:universal_plugin_manager:2.22
Atlassian » Universal Plugin Manager » Version: 2.22.10

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.10
Atlassian » Universal Plugin Manager » Version: 2.22.11

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.11
Atlassian » Universal Plugin Manager » Version: 2.22.12

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.12
Atlassian » Universal Plugin Manager » Version: 2.22.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.2
Atlassian » Universal Plugin Manager » Version: 2.22.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.3
Atlassian » Universal Plugin Manager » Version: 2.22.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.4
Atlassian » Universal Plugin Manager » Version: 2.22.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.5
Atlassian » Universal Plugin Manager » Version: 2.22.6

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.6
Atlassian » Universal Plugin Manager » Version: 2.22.8

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.8
Atlassian » Universal Plugin Manager » Version: 2.22.9

cpe:2.3:a:atlassian:universal_plugin_manager:2.22.9
Atlassian » Universal Plugin Manager » Version: 2.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.3
Atlassian » Universal Plugin Manager » Version: 2.3.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.3.1
Atlassian » Universal Plugin Manager » Version: 2.3.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.3.2
Atlassian » Universal Plugin Manager » Version: 2.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.4
Atlassian » Universal Plugin Manager » Version: 2.4.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.4.1
Atlassian » Universal Plugin Manager » Version: 2.4.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.4.2
Atlassian » Universal Plugin Manager » Version: 2.4.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.4.3
Atlassian » Universal Plugin Manager » Version: 2.5

cpe:2.3:a:atlassian:universal_plugin_manager:2.5
Atlassian » Universal Plugin Manager » Version: 2.5.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.5.1
Atlassian » Universal Plugin Manager » Version: 2.5.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.5.2
Atlassian » Universal Plugin Manager » Version: 2.6

cpe:2.3:a:atlassian:universal_plugin_manager:2.6
Atlassian » Universal Plugin Manager » Version: 2.6.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.6.1
Atlassian » Universal Plugin Manager » Version: 2.7.10

cpe:2.3:a:atlassian:universal_plugin_manager:2.7.10
Atlassian » Universal Plugin Manager » Version: 2.7.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.7.2
Atlassian » Universal Plugin Manager » Version: 2.7.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.7.3
Atlassian » Universal Plugin Manager » Version: 2.7.4

cpe:2.3:a:atlassian:universal_plugin_manager:2.7.4
Atlassian » Universal Plugin Manager » Version: 2.7.6

cpe:2.3:a:atlassian:universal_plugin_manager:2.7.6
Atlassian » Universal Plugin Manager » Version: 2.7.7

cpe:2.3:a:atlassian:universal_plugin_manager:2.7.7
Atlassian » Universal Plugin Manager » Version: 2.8

cpe:2.3:a:atlassian:universal_plugin_manager:2.8
Atlassian » Universal Plugin Manager » Version: 2.8.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.8.1
Atlassian » Universal Plugin Manager » Version: 2.8.2

cpe:2.3:a:atlassian:universal_plugin_manager:2.8.2
Atlassian » Universal Plugin Manager » Version: 2.9

cpe:2.3:a:atlassian:universal_plugin_manager:2.9
Atlassian » Universal Plugin Manager » Version: 2.9.1

cpe:2.3:a:atlassian:universal_plugin_manager:2.9.1
Atlassian » Universal Plugin Manager » Version: 2.9.3

cpe:2.3:a:atlassian:universal_plugin_manager:2.9.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20233

Products

Pricing

Contact Us