Lucene search

K
atlassianSecurity-metrics-botATLASSIAN:JSDSERVER-6589
HistoryOct 11, 2019 - 3:12 a.m.

URL path traversal allows information disclosure - CVE-2019-15004

2019-10-1103:12:10
security-metrics-bot
jira.atlassian.com
22

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

URL path traversal allows information disclosure - CVE-2019-15004
Severity
Atlassian rates the severity level of this vulnerability as critical, according to the scale published in our Atlassian severity levels. The scale allows us to rank the severity as critical, high, moderate or low.

This is our assessment and you should evaluate its applicability to your own IT environment.

Description
By design, Jira Service Desk gives customer portal users permissions only to raise requests and view issues. This allows users to interact with the customer portal without having direct access to Jira. These restrictions can be bypassed by a remote attacker with portal access who exploits authorization bypass. Note that attackers can grant themselves access to Jira Service Desk portals that have the “Anyone can email the service desk or raise a request in the portal” setting enabled. Exploitation allows an attacker to view all issues within all Jira projects contained in the vulnerable instance. This could include Jira Service Desk projects, Jira Core projects, and Jira Software projects.

Which versions are affected?

All versions of Jira Service Desk before 3.9.17, from 3.10.0 before 3.16.9, from 4.0.0 to 4.0.3, from 4.1.0 to 4.1.3, from 4.2.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 are affected by this vulnerability.

Mitigation

Refer to the Jira KB for more information on these workarounds.

*For more information, see the full advisory at https://confluence.atlassian.com/jira/jira-service-desk-security-advisory-2019-11-06-979412717.html.

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

Related for ATLASSIAN:JSDSERVER-6589