CVE-2017-18108

Summary

The administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection.

Affected Software

VendorProductVersion RangeStatus
AtlassianCrowdunspecified < 2.10.2affected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

References