CVSS2 base score: 6.5 (Medium)

Metric | Value |
---|---|
Access Vector | NETWORK |
Access Complexity | LOW |
Authentication | SINGLE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |
Vector string | AV:N/AC:L/Au:S/C:P/I:P/A:P |

EPSS score: 0.589 (Medium), percentile 97.4%
We internally discovered that the HipChat for JIRA plugin had a resource that combined user input into a Velocity template source and subsequently rendered it. Authenticated attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of the HipChat for JIRA plugin enabled. To exploit this issue, attackers need to be able to access the JIRA web interface and log into JIRA. Vulnerable versions of the HipChat for JIRA plugin were bundled by default with JIRA from JIRA version 6.3.5 up to but not including 6.4.11 (the fixed version).
Affected versions:
Fix:
Risk Mitigation:
For additional details see the [full advisory](https://confluence.atlassian.com/x/IcBKLg).
CPE | Name | Operator | Version |
---|---|---|---|
 | jira (including jira core) | lt | 6.4.11 |
 | jira (including jira core) | le | 6.3.5 |
 | jira (including jira core) | le | 6.4.10 |