CVE-2021-43955

Summary

The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed authenticated remote attackers to obtain information about installation directories via information disclosure vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianFisheyeunspecified < 4.8.9affected
AtlassianCrucibleunspecified < 4.8.9affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References