VYPR
High severity7.5NVD Advisory· Published Aug 24, 2017· Updated Jun 17, 2026

CVE-2017-9512

CVE-2017-9512

Description

The mostActiveCommitters.do resource in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sensitive information, for example email addresses of committers, as it lacked permission checks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:atlassian:crucible:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:atlassian:crucible:*:*:*:*:*:*:*:*range: <=4.4.0
    • (no CPE)range: <4.4.1
  • Atlassian/Fisheye2 versions
    cpe:2.3:a:atlassian:fisheye:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:atlassian:fisheye:*:*:*:*:*:*:*:*range: <=4.4.0
    • (no CPE)range: <4.4.1
  • Range: All versions prior to version 4.4.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.