CVE-2013-3925 - Vulnerability Details - OpenCVE

Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity declaration in conjunction with an entity reference.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Atlassian	Crowd

Configuration 1 [-]

OR	cpe:2.3:a:atlassian:crowd:2.5.0:::::::*
	cpe:2.3:a:atlassian:crowd:2.5.1:::::::*
	cpe:2.3:a:atlassian:crowd:2.5.2:::::::*
	cpe:2.3:a:atlassian:crowd:2.5.3:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:atlassian:crowd:2.6.0:::::::*
	cpe:2.3:a:atlassian:crowd:2.6.1:::::::*
	cpe:2.3:a:atlassian:crowd:2.6.2:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:atlassian:crowd:2.3.8:::::::*
	cpe:2.3:a:atlassian:crowd:2.4.9:::::::*

No data.

References

Link	Providers
http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf
https://jira.atlassian.com/browse/CWD-3366

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-07-01T21:00:00Z

Updated: 2024-09-16T19:37:09.961Z

Reserved: 2013-06-04T00:00:00Z

Link: CVE-2013-3925

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2013-07-01T21:55:02.170

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-3925

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity declaration in conjunction with an entity reference."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-07-01T21:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://jira.atlassian.com/browse/CWD-3366"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-3925", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity declaration in conjunction with an entity reference."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf", "refsource": "MISC", "url": "http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf"}, {"name": "https://jira.atlassian.com/browse/CWD-3366", "refsource": "CONFIRM", "url": "https://jira.atlassian.com/browse/CWD-3366"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:22:01.474Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://jira.atlassian.com/browse/CWD-3366"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-3925", "datePublished": "2013-07-01T21:00:00Z", "dateReserved": "2013-06-04T00:00:00Z", "dateUpdated": "2024-09-16T19:37:09.961Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:crowd:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "99E8058A-FACB-41B7-982F-E97C513EB814", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:crowd:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "13F2E20D-A958-4BA2-BD6A-C802B99CC57A", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:crowd:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D63E6CB9-266C-4348-AB2E-BDF568FA86D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:crowd:2.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "75DC949F-E218-4142-AAB5-AF932E9C93D6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:crowd:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "99582FB9-DE06-40F6-9E19-9EBF10DD8A47", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:crowd:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "479873F5-3B68-44E3-989B-E714E531ADF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:crowd:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE29ECF3-D6E8-43E4-94F8-C6564B1BAF9F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:crowd:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "3DBE57E2-9F40-400A-B476-2D3243843489", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:crowd:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "851C6C41-5BB8-4C8F-B268-68DF6C808AB8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity declaration in conjunction with an entity reference."}, {"lang": "es", "value": "Atlassian Crowd v2.5.x anterior a v2.5.4, v2.6.x anterior a v2.6.3, v2.3.8, y v2.4.9 permite a atacantes remotos leer archivos de su elecci\u00f3n y el env\u00edo de peticiones HTTP a servidores de la intranet a trav\u00e9s de una petici\u00f3n a (1) /services/2 o (2) services/latest con una DTD que contiene una declaraci\u00f3n de entidad externa XML en conjunci\u00f3n con una referencia de entidad."}], "id": "CVE-2013-3925", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-07-01T21:55:02.170", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "URL Repurposed"], "url": "http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf"}, {"source": "cve@mitre.org", "url": "https://jira.atlassian.com/browse/CWD-3366"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "URL Repurposed"], "url": "http://www.commandfive.com/papers/C5_TA_2013_3925_AtlassianCrowd.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://jira.atlassian.com/browse/CWD-3366"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}