- Home
- CVEs with nessus.description==According to its self-reported version number, the instance of
Atlassian JIRA hosted on the remote web server is prior to 6.4.10 or
7.0.0-OD-02. It is, therefore, potentially affected by a security
feature bypass vulnerability, known as Bar Mitzvah, due to improper
combination of state data with key data by the RC4 cipher algorithm
during the initialization phase. A man-in-the-middle attacker can
exploit this, via a brute-force attack using LSB values, to decrypt
the traffic.
Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top