Jira on Windows was vulnerable to DLL hijacking - CVE-2019-20400

XMLWordPrintable

    • 8.03
    • Severity 2 - Major

      The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability.

      Acknowledgment

      We would like to thank Peleg Hadar of SafeBreach Labs for reporting this vulnerability.

              Assignee:
              Unassigned
              Reporter:
              Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: