CVE-2017-14586

9.8CRITICAL

Key Information:

Vendor: Atlassian
Status: Hipchat For Mac Desktop Client
Vendor: CVE Published:; 27 November 2017

Summary

The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Hipchat for Mac desktop clients at or above version 4.0 and before version 4.30 are affected by this vulnerability.

Affected Version(s)

Hipchat for Mac desktop client 4.0 <= version < 4.30

References

http://www.securityfocus.com/bid/101947

vdb-entryx_refsource_BID

https://jira.atlassian.com/browse/HCPUB-3473

x_refsource_CONFIRM

https://confluence.atlassian.com/hc/hipchat-server-securi...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 27, 2017
Vulnerability Reserved
Sep 19, 2017