CVE-2012-2927

The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote authenticated users to cause a denial of service (resource consumption) via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
tm_softwaretempo
𝑥
≤ 6.4.3
tm_softwaretempo
2.2
tm_softwaretempo
2.3
tm_softwaretempo
2.3.1
tm_softwaretempo
2.4.1
tm_softwaretempo
2.5.1
tm_softwaretempo
2.6.1
tm_softwaretempo
2.7.1
tm_softwaretempo
2.8.1
tm_softwaretempo
4.0
tm_softwaretempo
4.0.1
tm_softwaretempo
4.1
tm_softwaretempo
4.2
tm_softwaretempo
4.3
tm_softwaretempo
4.4
tm_softwaretempo
4.4.2
tm_softwaretempo
4.5
tm_softwaretempo
4.5.2
tm_softwaretempo
5.0
tm_softwaretempo
5.1
tm_softwaretempo
5.1.1
tm_softwaretempo
5.2
tm_softwaretempo
5.2.1
tm_softwaretempo
5.2.2
tm_softwaretempo
5.2.3
tm_softwaretempo
5.3
tm_softwaretempo
5.3.1
tm_softwaretempo
5.3.2
tm_softwaretempo
5.3.3
tm_softwaretempo
5.3.3.1
tm_softwaretempo
5.4
tm_softwaretempo
5.4.1
tm_softwaretempo
5.4.2
tm_softwaretempo
6.0.0
tm_softwaretempo
6.0.1
tm_softwaretempo
6.0.2
tm_softwaretempo
6.0.3
tm_softwaretempo
6.1.0
tm_softwaretempo
6.1.1:jira42
tm_softwaretempo
6.2.0
tm_softwaretempo
6.2.1-jira42
tm_softwaretempo
6.2.2:jira42
tm_softwaretempo
6.2.3:jira42
tm_softwaretempo
6.2.4:jira42
tm_softwaretempo
6.2.5:jira42
tm_softwaretempo
6.2.6:jira42
tm_softwaretempo
6.2.7:jira42
tm_softwaretempo
6.3.1:jira42
tm_softwaretempo
6.4:jira42
tm_softwaretempo
6.4.2
tm_softwaretempo
6.5
tm_softwaretempo
7.0
tm_softwaretempo
7.0.0:rc1
tm_softwaretempo
7.0.0:rc2
tm_softwaretempo
7.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17
http://osvdb.org/81993
http://secunia.com/advisories/49166
http://www.securityfocus.com/bid/53595
https://exchange.xforce.ibmcloud.com/vulnerabilities/75697
http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17
http://osvdb.org/81993
http://secunia.com/advisories/49166
http://www.securityfocus.com/bid/53595
https://exchange.xforce.ibmcloud.com/vulnerabilities/75697