Jira Data Center

[JRASERVER-71197] Denial of service in Dashboard & Gadgets - CVE-2020-14167

      Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in Dashboard & Gadgets.

      Affected versions:

      • version < 7.13.14
      • 8.5.0 ≤ version < 8.5.5
      • 8.8.0 ≤ version < 8.8.2
      • 8.9.0 ≤ version < 8.9.1

      Fixed versions:

      • 7.13.14
      • 8.5.5
      • 8.8.2
      • 8.9.1
      • 8.10.0
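      The affected ranges above are branch-specific, so a plain "is my version older than the fix?" comparison gets them wrong (8.5.4 is affected, 8.6.x is not in any listed range). The following added example, which is not Atlassian code, encodes exactly the ranges printed in this advisory and returns the fixed version an instance should move to. Anything outside the listed ranges is reported as "not in a listed affected range", which is not the same as "not affected"; the advisory does not state anything about 8.0.x-8.4.x or 8.6.x-8.7.x, so the function does not either. The inventory in the main block is constructed for illustration.

```python
"""Check Jira Server / Data Center version strings against the affected
version ranges published for CVE-2020-14167 (JRASERVER-71197).

Added example, not Atlassian code. The ranges are copied from the advisory
text; versions outside them are reported as "not in a listed range", which
must not be read as "safe".
"""
from typing import Optional, Tuple

Version = Tuple[int, ...]


def parse_version(s: str) -> Version:
    """Parse '8.5.4', '8.5' or '8.5.4-rc1' into an int tuple padded to 3 parts.

    Tuples compare lexicographically, so a 4-part build like 8.5.4.1 still
    sorts correctly against the 3-part range bounds.
    """
    core = s.strip().split("-")[0]
    parts = tuple(int(p) for p in core.split("."))
    if not parts:
        raise ValueError(f"unexpected version string: {s!r}")
    return parts + (0,) * (3 - len(parts))


# (lower bound inclusive or None, upper bound exclusive, fixed-in version),
# transcribed from the "Affected versions" / "Fixed versions" lists above.
AFFECTED_RANGES = [
    (None,      (7, 13, 14), "7.13.14"),
    ((8, 5, 0), (8, 5, 5),   "8.5.5"),
    ((8, 8, 0), (8, 8, 2),   "8.8.2"),
    ((8, 9, 0), (8, 9, 1),   "8.9.1"),
]


def affected_by_cve_2020_14167(version: str) -> Optional[str]:
    """Return the fixed version to upgrade to if `version` falls in a listed
    affected range, otherwise None (meaning: not in a listed range)."""
    v = parse_version(version)
    for lo, hi, fixed in AFFECTED_RANGES:
        if (lo is None or v >= lo) and v < hi:
            return fixed
    return None


if __name__ == "__main__":
    # Constructed inventory for illustration; these are not real hosts.
    inventory = {
        "jira-legacy": "7.13.2",
        "jira-prod": "8.5.4",
        "jira-stage": "8.7.1",
        "jira-dev": "8.9.1",
    }
    for host, ver in inventory.items():
        fix = affected_by_cve_2020_14167(ver)
        verdict = f"affected, upgrade to {fix}" if fix else "not in a listed affected range"
        print(f"{host}: {ver} -> {verdict}")
```

      Because the lower bound of the first range is open, every release before 7.13.14 maps to the 7.13.14 fix; the other three ranges are each confined to their own feature branch, which is why 8.5.4 and 8.9.0 are affected while 8.5.5, 8.9.1 and 8.10.0 are not.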


            Nadeem Zakir added a comment - edited

            Is this fixed in Jira 8.5.8?

            Alexey Petrenok added a comment -

            Hello,
            Sorry for writing here, but it is quite hard to reach the Atlassian employees responsible for the bug bounty elsewhere.

            I already asked the same question in https://jira.atlassian.com/browse/JRASERVER-70808, but I'll repeat it here in the hope of reaching the right people.

            This Denial of Service issue has the `bugbounty` label, which clearly indicates that it was reported to you via the bug bounty.

            I've found DoS vulnerabilities in Jira and Confluence which allow an unauthenticated attacker with just a single PC and an average internet connection to take down entire servers.
            I tried reporting one of the vulnerabilities here, but it is marked as 'Out of scope' due to `No Load testing (DoS/DDoS etc) is allowed on the instance.` However, I have not sent a single request to Atlassian servers. All testing was done on my own server.

            I believe these findings are too important to just ignore like this.

            What is the proper way to get Denial of Service bugs triaged and delivered to you?

            Security Metrics Bot added a comment -

            This is an independent assessment and you should evaluate its applicability to your own IT environment.
            CVSS v3 score: 7.5 => High severity

            Exploitability Metrics

            Attack Vector: Network
            Attack Complexity: Low
            Privileges Required: None
            User Interaction: None

            Scope Metric

            Scope: Unchanged

            Impact Metrics

            Confidentiality: None
            Integrity: None
            Availability: High

            https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

              Assignee: Unassigned
              Reporter: Security Metrics Bot
              Affected customers: 0
              Watchers: 5