Unrated severityNVD Advisory· Published Mar 14, 2022· Updated Oct 4, 2024
CVE-2021-43954
CVE-2021-43954
Description
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed remote attackers, who have 'can add repository permission', to enumerate the existence of internal network and filesystem resources via a Server-Side Request Forgery (SSRF) vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
2- jira.atlassian.com/browse/CRUC-8520mitrex_refsource_MISC
- jira.atlassian.com/browse/FE-7384mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.