{"href": "https://www.seebug.org/vuldb/ssvid-61734", "status": "cve,details", "bulletinFamily": "exploit", "modified": "2014-03-11T00:00:00", "title": "Atlassian JIRA Issue Collector\u63d2\u4ef6\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "sourceHref": "", "cvelist": ["CVE-2014-2313"], "description": "CVE ID:CVE-2014-2313\r\n\r\nAtlassian JIRA\u662f\u4e00\u6b3e\u57fa\u4e8eJ2EE\u6280\u672f\u7684\u9879\u76ee\u95ee\u9898\u8ddf\u8e2a\u4ee5\u53ca\u7ba1\u7406\u8f6f\u4ef6\u3002\r\n\r\nAtlassian JIRA Issue Collector\u63d2\u4ef6\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u521b\u5efa\u4efb\u610f\u6587\u4ef6\u3002\r\n0\r\nAtlassian JIRA\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAtlassian\r\n-----\r\nAtlassian JIRA 6.0.4\u5df2\u7ecf\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttps://www.atlassian.com", "viewCount": 1, "published": "2014-03-11T00:00:00", "sourceData": "", "id": "SSV:61734", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T17:31:59", "reporter": "Root", "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2017-11-19T17:31:59", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-2313"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310106154"]}, {"type": "nessus", "idList": ["JIRA_6_0_5.NASL"]}], "modified": "2017-11-19T17:31:59", "rev": 2}, "vulnersScore": 5.7}, "references": []}

{"cve": [{"lastseen": "2020-12-09T19:58:22", "description": "Directory traversal vulnerability in the Importers plugin in Atlassian JIRA before 6.0.5 allows remote attackers to create arbitrary files via unspecified vectors.\nPer: https://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2014-02-26\n\n\"Issue 2: Path traversal in JIRA Importers plugin (Windows only)\"", "edition": 5, "cvss3": {}, "published": "2014-03-09T13:16:00", "title": "CVE-2014-2313", "type": "cve", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2313"], "modified": "2014-03-10T16:38:00", "cpe": ["cpe:/a:atlassian:jira:6.0", "cpe:/a:atlassian:jira:6.0.1", "cpe:/a:atlassian:jira:6.0.3", "cpe:/a:atlassian:jira:6.0.2", "cpe:/a:atlassian:jira:6.0.4"], "id": "CVE-2014-2313", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2313", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:atlassian:jira:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:jira:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:jira:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:jira:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:jira:6.0.4:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:35:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-2313", "CVE-2014-2314"], "description": "Atlassian JIRA is prone to two directory traversal vulnerabilities.", "modified": "2018-11-13T00:00:00", "published": "2016-07-27T00:00:00", "id": "OPENVAS:1361412562310106154", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106154", "type": "openvas", "title": "Atlassian JIRA Directory Traversal Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_jira_dir_trav_vuln.nasl 12338 2018-11-13 14:51:17Z asteins $\n#\n# Atlassian JIRA Directory Traversal Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:atlassian:jira';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106154\");\n script_version(\"$Revision: 12338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-13 15:51:17 +0100 (Tue, 13 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-27 15:23:00 +0700 (Wed, 27 Jul 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_cve_id(\"CVE-2014-2313\", \"CVE-2014-2314\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Atlassian JIRA Directory Traversal Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_atlassian_jira_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"atlassian_jira/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Atlassian JIRA is prone to two directory traversal vulnerabilities.\");\n\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Atlassian JIRA is prone to two directory traversal vulnerabilities:\n\nDirectory traversal vulnerability in the Importers plugin allows remote attackers to create arbitrary files\nvia unspecified vectors. (CVE-2014-2313)\n\nDirectory traversal vulnerability in the Issue Collector plugin allows remote attackers to create arbitrary\nfiles via unspecified vectors. (CVE-2014-2314)\");\n\n script_tag(name:\"impact\", value:\"An unauthenticated remote attacker may upload arbitrary files.\");\n\n script_tag(name:\"affected\", value:\"Versions prior to 6.0.5 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to 6.0.5\");\n\n script_xref(name:\"URL\", value:\"http://blog.h3xstream.com/2014/02/jira-path-traversal-explained.html\");\n script_xref(name:\"URL\", value:\"https://confluence.atlassian.com/jira/jira-security-advisory-2014-02-26-445188412.html\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_is_less_equal(version: version, test_version: \"6.0.4\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"6.0.5\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-20T11:36:13", "description": "According to its self-reported version number, the version of\nAtlassian JIRA hosted on the remote web server is prior to version\n6.0.5. It is, therefore, potentially affected by multiple\nvulnerabilities :\n\n - A cross-site scripting vulnerability exists in the Admin\n Panel due to a failure to sanitize user-supplied input\n to the 'name' parameter in file deleteuserconfirm.jsp.\n A remote attacker can exploit this, by using a crafted\n request, to execute arbitrary script code in a user's\n browser. (CVE-2013-5319)\n\n - A flaw exists in the Importers plugin due to improper\n sanitization of user-supplied input, which allows\n traversing outside a restricted path. A remote,\n unauthenticated attacker, using a crafted request, can\n exploit this vulnerability to create files in arbitrary\n directories in the JIRA installation. This vulnerability\n only affects JIRA running on the Windows OS.\n (CVE-2014-2313)\n\nNote that the Importers plugin for JIRA is also affected by this\nvulnerability; however, Nessus did not did confirm that this plugin is\ninstalled.", "edition": 26, "published": "2014-03-31T00:00:00", "title": "Atlassian JIRA < 6.0.5 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-2313", "CVE-2013-5319"], "modified": "2014-03-31T00:00:00", "cpe": ["cpe:/a:atlassian:jira"], "id": "JIRA_6_0_5.NASL", "href": "https://www.tenable.com/plugins/nessus/73273", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73273);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-5319\", \"CVE-2014-2313\");\n script_bugtraq_id(61647, 65841);\n\n script_name(english:\"Atlassian JIRA < 6.0.5 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of JIRA.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a web application that is potentially\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the version of\nAtlassian JIRA hosted on the remote web server is prior to version\n6.0.5. It is, therefore, potentially affected by multiple\nvulnerabilities :\n\n - A cross-site scripting vulnerability exists in the Admin\n Panel due to a failure to sanitize user-supplied input\n to the 'name' parameter in file deleteuserconfirm.jsp.\n A remote attacker can exploit this, by using a crafted\n request, to execute arbitrary script code in a user's\n browser. (CVE-2013-5319)\n\n - A flaw exists in the Importers plugin due to improper\n sanitization of user-supplied input, which allows\n traversing outside a restricted path. A remote,\n unauthenticated attacker, using a crafted request, can\n exploit this vulnerability to create files in arbitrary\n directories in the JIRA installation. This vulnerability\n only affects JIRA running on the Windows OS.\n (CVE-2014-2313)\n\nNote that the Importers plugin for JIRA is also affected by this\nvulnerability; however, Nessus did not did confirm that this plugin is\ninstalled.\");\n # https://confluence.atlassian.com/jira/jira-security-advisory-2014-02-26-445188412.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7c962b4a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jira.atlassian.com/browse/JRA-34160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jira.atlassian.com/browse/JRA-36441\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JIRA 6.0.5 or later, and upgrade or disable the Importers\nplugin.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/31\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:atlassian:jira\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"jira_detect.nasl\");\n script_require_keys(\"installed_sw/Atlassian JIRA\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"http.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Atlassian JIRA\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:8080);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\n# Prevent potential false positives.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\ndir = install['path'];\nver = install['version'];\n\nurl = build_url(port:port, qs:dir);\n\n# Check if the host is affected.\nfix = \"6.0.5\";\nif (ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)\n audit(AUDIT_WEB_APP_NOT_AFFECTED, app, url, ver);\n\n# Set XSS KB for version 6.x installs only.\nif (ver =~ \"^6\\.\") set_kb_item(name: 'www/'+port+'/XSS', value: TRUE);\n\n# Report our findings.\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n URL : ' + url +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n}\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}