CVE-2018-13390
N/A
N/A
Summary
Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Atlassian | cloudtoken | 0.1.1 < unspecified | affected |
| Atlassian | cloudtoken | unspecified < 0.1.24 | affected |
Weaknesses
- Improper Restriction of Communication Channel to Intended Endpoints
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.