U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2022-26136

Change History

Initial Analysis by NIST 8/04/2022 11:50:26 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:* versions from (including) 7.2.0 up to (excluding) 7.2.10
     *cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (excluding) 8.0.9
     *cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:* versions from (including) 8.1.0 up to (excluding) 8.1.8
     *cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:* versions from (including) 8.2.0 up to (excluding) 8.2.4
     *cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* versions up to (excluding) 7.6.16
     *cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* versions from (including) 7.7.0 up to (excluding) 7.17.8
     *cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* versions from (including) 7.18.0 up to (excluding) 7.19.5
     *cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* versions from (including) 7.20.0 up to (excluding) 7.20.2
     *cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* versions from (including) 7.21.0 up to (excluding) 7.21.2
     *cpe:2.3:a:atlassian:bitbucket:8.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:atlassian:bitbucket:8.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions up to (excluding) 7.4.17
     *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 7.5.0 up to (excluding) 7.13.7
     *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 7.14.0 up to (excluding) 7.14.3
     *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 7.15.0 up to (excluding) 7.15.2
     *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 7.16.0 up to (excluding) 7.16.4
     *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 7.17.0 up to (excluding) 7.17.4
     *cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*
     *cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* versions up to (excluding) 7.4.17
     *cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* versions from (including) 7.5.0 up to (excluding) 7.13.7
     *cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* versions from (including) 7.14.0 up to (excluding) 7.14.3
     *cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* versions from (including) 7.15.0 up to (excluding) 7.15.2
     *cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* versions from (including) 7.16.0 up to (excluding) 7.16.4
     *cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* versions from (including) 7.17.0 up to (excluding) 7.17.4
     *cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*
     *cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions up to (excluding) 4.3.8
     *cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* versions from (including) 4.4.0 up to (excluding) 4.4.2
     *cpe:2.3:a:atlassian:crowd:5.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:atlassian:crucible:*:*:*:*:*:*:*:* versions up to (excluding) 4.8.10
     *cpe:2.3:a:atlassian:fisheye:*:*:*:*:*:*:*:* versions up to (excluding) 4.8.10
     *cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* versions from (including) 8.13.0 up to (excluding) 8.13.22
     *cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* versions from (including) 8.14.0 up to (excluding) 8.20.10
     *cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* versions from (including) 8.21.0 up to (excluding) 8.22.4
     *cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* versions from (including) 8.13.0 up to (excluding) 8.13.22
     *cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* versions from (including) 8.14.0 up to (excluding) 8.20.10
     *cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* versions from (including) 8.21.0 up to (excluding) 8.22.4
     *cpe:2.3:a:atlassian:jira_service_desk:*:*:*:*:data_center:*:*:* versions up to (excluding) 4.13.22
     *cpe:2.3:a:atlassian:jira_service_desk:*:*:*:*:server:*:*:* versions up to (excluding) 4.13.22
     *cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:* versions from (including) 4.14.0 up to (excluding) 4.20.10
     *cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:* versions from (including) 4.14.0 up to (excluding) 4.20.10
     *cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:* versions from (including) 4.21.0 up to (excluding) 4.22.4
     *cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:* versions from (including) 4.21.0 up to (excluding) 4.22.4
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NIST CWE-287
Changed Reference Type
https://jira.atlassian.com/browse/BAM-21795 No Types Assigned
https://jira.atlassian.com/browse/BAM-21795 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://jira.atlassian.com/browse/BSERV-13370 No Types Assigned
https://jira.atlassian.com/browse/BSERV-13370 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://jira.atlassian.com/browse/CONFSERVER-79476 No Types Assigned
https://jira.atlassian.com/browse/CONFSERVER-79476 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://jira.atlassian.com/browse/CRUC-8541 No Types Assigned
https://jira.atlassian.com/browse/CRUC-8541 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://jira.atlassian.com/browse/CWD-5815 No Types Assigned
https://jira.atlassian.com/browse/CWD-5815 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://jira.atlassian.com/browse/FE-7410 No Types Assigned
https://jira.atlassian.com/browse/FE-7410 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://jira.atlassian.com/browse/JRASERVER-73897 No Types Assigned
https://jira.atlassian.com/browse/JRASERVER-73897 Issue Tracking, Patch, Vendor Advisory
Changed Reference Type
https://jira.atlassian.com/browse/JSDSERVER-11863 No Types Assigned
https://jira.atlassian.com/browse/JSDSERVER-11863 Issue Tracking, Patch, Vendor Advisory