CVE-2019-15001

🗓️ 19 Sep 2019 14:28:36Reported by atlassianType

The Jira Importers Plugin in Atlassian Jira Server and Data Center allows remote code execution via crafted PUT reques

Reporter	Title	Published	Views	Family All 14
Atlassian	Template injection in Jira importers plugin - CVE-2019-15001	9 Sep 201901:22	–	atlassian
Atlassian	Template injection in Jira importers plugin - CVE-2019-15001	9 Sep 201901:22	–	atlassian
CVE	CVE-2019-15001	19 Sep 201914:28	–	cve
EUVD	EUVD-2019-6089	3 Oct 202520:07	–	euvd
Tenable Nessus	Atlassian Jira Server and Data Center Template Injection Vulnerability (JRASERVER-69933)	6 Nov 201900:00	–	nessus
Tenable Nessus	Atlassian Jira 7.0.10 < 7.6.16 Template Injection Vulnerability	9 Oct 201900:00	–	nessus
Tenable Nessus	Atlassian Jira 7.7.x < 7.13.8 Template Injection Vulnerability	9 Oct 201900:00	–	nessus
Tenable Nessus	Atlassian Jira 8.1.x < 8.1.3 Template Injection Vulnerability	9 Oct 201900:00	–	nessus
Tenable Nessus	Atlassian Jira 8.2.x < 8.2.5 Template Injection Vulnerability	9 Oct 201900:00	–	nessus
Tenable Nessus	Atlassian Jira 8.3.x < 8.3.4 Template Injection Vulnerability	9 Oct 201900:00	–	nessus

[
  {
    "product": "Jira Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.0.10",
        "versionType": "custom"
      },
      {
        "lessThan": "7.6.16",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.7.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.13.8",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.0.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.1.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.2.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.2.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.3.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.3.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.4.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.4.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Jira Data Center",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.0.10",
        "versionType": "custom"
      },
      {
        "lessThan": "7.6.16",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.7.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.13.8",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.0.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.1.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.2.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.2.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.3.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.3.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "8.4.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.4.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
seclists	www.seclists.org/bugtraq/2019/Sep/42
packetstormsecurity	www.packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html
jira	www.jira.atlassian.com/browse/JRASERVER-69933

16 Jul 2020 14:01Current

7.4High risk

Vulners AI Score7.4

EPSS0.11506