[JRASERVER-71204] SSRF in Dashboard & Gadgets - CVE-2019-20408 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Low (View bug fix roadmap)
Fix Version/s: 8.5.2, 8.7.0
Affects Version/s: 8.5.0
Component/s: Dashboard & Gadgets
Labels:
- CVE-2019-20408
- advisory
- advisory-released
- bugbounty
- cvss-high
- raid
- security
- ssrf

Fixed in Long Term Support Release/s:

Download 8.5
Introduced in Version:
8.05
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.

As an example to indicate impact, when running the vulnerable version of Jira in an environment like Amazon EC2, this flaw may be used to access to a metadata resource that provides access credentials and other potentially confidential information.

Affected versions:

version < 8.7.0

Fixed versions:

8.7.0

mentioned in: Page Failed to load; Page Failed to load; Page Failed to load

No work has yet been logged on this issue.

Assignee:: Mateusz Marzęcki

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 18 Start watching this issue

Created:: 19/Jun/2020 1:56 AM

Updated:: 24/Mar/2021 4:45 PM

Resolved:: 19/Jun/2020 1:57 AM

Jira Data Center

Details

Description

Attachments

Issue Links

Forms

Activity

[JRASERVER-71204] SSRF in Dashboard & Gadgets - CVE-2019-20408

People

Dates