Skip to main content

Hipchat

3 CVEs product

Monthly

CVE-2017-14586 CRITICAL Act Now

The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Hipchat
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2017-8058 MEDIUM This Month

Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Atlassian Information Disclosure Hipchat
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2015-5603 MEDIUM POC THREAT This Month

The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.5%.

Java Atlassian RCE Code Injection Hipchat
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
82.5%
Threat
5.3
EPSS 3% CVSS 9.8
CRITICAL Act Now

The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Hipchat
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Atlassian Information Disclosure +1
NVD
EPSS 83% 5.3 CVSS 6.5
MEDIUM POC THREAT This Month

The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.5%.

Java Atlassian RCE +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy