FKIE_CVE-2019-15001

Vulnerability from fkie_nvd - Published: 2019-09-19 15:15 - Updated: 2024-11-21 04:27
Severity
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.
References
security@atlassian.comhttp://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.htmlThird Party Advisory, VDB Entry
security@atlassian.comhttps://jira.atlassian.com/browse/JRASERVER-69933Release Notes, Vendor Advisory
security@atlassian.comhttps://seclists.org/bugtraq/2019/Sep/42Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://jira.atlassian.com/browse/JRASERVER-69933Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://seclists.org/bugtraq/2019/Sep/42Mailing List, Third Party Advisory
Impacted products
Vendor Product Version
atlassian jira_server *
atlassian jira_server *
atlassian jira_server *
atlassian jira_server *
atlassian jira_server *
atlassian jira_server 8.4.0
atlassian jira_data_center *
atlassian jira_data_center *
atlassian jira_data_center *
atlassian jira_data_center *
atlassian jira_data_center *
atlassian jira_data_center 8.4.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27645527-F779-4D88-A5DC-3889826057F8",
              "versionEndExcluding": "7.6.16",
              "versionStartIncluding": "7.0.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713AA6-6A8E-4047-A2BB-F3DD86F4027F",
              "versionEndExcluding": "7.13.8",
              "versionStartIncluding": "7.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "619C9169-030E-4DFA-980B-579C7BEE92EA",
              "versionEndExcluding": "8.1.3",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D84658-E0FE-46A1-8632-E82A617B424C",
              "versionEndExcluding": "8.2.5",
              "versionStartIncluding": "8.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CCF9D19-3053-4B57-AE4F-462F26CB7488",
              "versionEndExcluding": "8.3.4",
              "versionStartIncluding": "8.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_server:8.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45212C3-E178-40D9-B3EF-2738A879A345",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1099688C-6260-4216-83C9-29ED1347FC9C",
              "versionEndExcluding": "7.6.16",
              "versionStartIncluding": "7.0.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E27B59-BCEA-433E-94AF-81125454834F",
              "versionEndExcluding": "7.13.8",
              "versionStartIncluding": "7.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE27B6F-A8A0-4083-8F80-60D3AD0DBAB5",
              "versionEndExcluding": "8.1.3",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "221A13F3-D7C3-4F70-B6C6-375B77153C6E",
              "versionEndExcluding": "8.2.5",
              "versionStartIncluding": "8.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0D36CAF-2183-4989-BB31-6EFA15AD6372",
              "versionEndExcluding": "8.3.4",
              "versionStartIncluding": "8.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:jira_data_center:8.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "93D2C7F2-FA9A-471B-8B98-F4089E68ABA7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request."
    },
    {
      "lang": "es",
      "value": "El plugin Jira Importers en Atlassian Jira Server y Data Cente desde la versi\u00f3n 7.0.10 anterior a 7.6.16, desde 7.7.0 anterior a 7.13.8, desde 8.0.0 anterior a 8.1.3, desde 8.2.0 anterior a 8.2.5, desde 8.3.0 anterior a 8.3.4 y desde 8.4.0 anteriores a 8.4.1, permite a atacantes remotos con permisos de Administrador conseguir la ejecuci\u00f3n de c\u00f3digo remota por medio de una vulnerabilidad de inyecci\u00f3n de plantilla mediante el uso de una petici\u00f3n PUT dise\u00f1ada"
    }
  ],
  "id": "CVE-2019-15001",
  "lastModified": "2024-11-21T04:27:51.093",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-09-19T15:15:15.500",
  "references": [
    {
      "source": "security@atlassian.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/JRASERVER-69933"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Sep/42"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/JRASERVER-69933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Sep/42"
    }
  ],
  "sourceIdentifier": "security@atlassian.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.