Crowd server
This hub aggregates every CVE we track for Crowd server, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
2
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 4 most recently published vulnerabilities affecting Crowd server.
- CVE-2023-22521This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of...8.8
- CVE-2022-43782Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST AP...9.8
- CVE-2022-26137A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atla...8.8
- CVE-2022-26136A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used b...9.8
Product normalization is registry-driven with AI assist and human review. How it works