3 matches found
Atlassian Jira 7.2.x < 8.18.1 / 8.19.0 (JRASERVER-72660)
The version of Atlassian Jira installed on the remote host is prior to 7.2.x 8.18.1 / 8.19.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72660 advisory. - Remote code execution in workflow import - CVE-2017-18113 CVE-2017-18113 Note that Nessus has not tested for...
CVE-2017-18113
Summary: CVE-2017-18113 affects Jira Server/Data Center prior to 8.18.1, where the DefaultOSWorkflowConfigurator can be manipulated via crafted workflows to trigger Remote Code Execution (RCE). The underlying issue involves unsafe OSWorkflow classes being used in workflows, allowing an attacker t...
Remote code execution in workflow import - CVE-2017-18113
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution RCE vulnerability which allowed for various...