Lucene search

AminozhenkoJRASERVER-69933

HistorySep 09, 2019 - 1:22 a.m.

Template injection in Jira importers plugin - CVE-2019-15001

2019-09-0901:22:16

aminozhenko

jira.atlassian.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.016

Percentile

87.6%

JSON

h3. Issue Summary

There was a server-side template injection vulnerability in Jira Server and Data Center, in the Jira Importers Plugin (JIM). An attacker with “JIRA Administrators” access can exploit this issue. Successful exploitation of this issue allows an attacker to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center.

Affected version:

Versions of Jira Server & Jira Data Center starting with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8 (the fixed version for 7.13.x), from 8.0.0 before 8.1.3 (the fixed version for 8.1.x), from 8.2.0 before 8.2.5 (the fixed version for 8.2.x), and from 8.3.0 before 8.3.4 (the fixed version for 8.3.x) , and from 8.4.0 before 8.4.1 (the fixed version for 8.4.x) are affected by this vulnerability.

h3. Fix

We have released the following versions of Jira Server & Jira Data Center to address this issue:

8.4.1 which is available for download from https://www.atlassian.com/software/jira/download
8.3.4 which is available for download from https://www.atlassian.com/software/jira/update
8.2.5 which is available for download from https://www.atlassian.com/software/jira/update
8.1.3 which is available for download from https://www.atlassian.com/software/jira/update
7.13.8 which is available for download from https://www.atlassian.com/software/jira/update
7.6.16 which is available for download from https://www.atlassian.com/software/jira/update

We have released the following versions of Jira Software Server to address this issue:

8.4.1 which is available for download from https://www.atlassian.com/software/jira/download
8.3.4 which is available for download from https://www.atlassian.com/software/jira/update
8.2.5 which is available for download from https://www.atlassian.com/software/jira/update
8.1.3 which is available for download from https://www.atlassian.com/software/jira/update
7.13.8 which is available for download from https://www.atlassian.com/software/jira/update
7.6.16 which is available for download from https://www.atlassian.com/software/jira/update

For additional details, see the [full advisory|https://confluence.atlassian.com/jira/jira-security-advisory-2019-09-18-976766250.html].

Affected configurations

Vulners

Node

atlassianjira_data_centerRange≤8.3.3

atlassianjira_data_centerRange<7.6.16

atlassianjira_data_centerRange<8.2.5

atlassianjira_data_centerRange<8.1.3

atlassianjira_data_centerRange<8.3.4

atlassianjira_data_centerRange<8.4.1

atlassianjira_data_centerRange<7.13.8

VendorProductVersionCPE
atlassianjira_data_center*cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
atlassian	jira_data_center	*	cpe:2.3:a:atlassian:jira_data_center::::::::

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.016

Percentile

87.6%

JSON

Related for JRASERVER-69933