Jira on Windows was vulnerable to DLL hijacking - CVE-2019-20400

XMLWordPrintable

    • 8.03
    • Severity 2 - Major

      The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability.

      Acknowledgment

      We would like to thank Peleg Hadar of SafeBreach Labs for reporting this vulnerability.

            Assignee:
            Unassigned
            Reporter:
            Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: