• Type: Public Security Vulnerability
• Resolution: Fixed
• Priority: Low (View bug fix roadmap)
• Fix Version/s: 8.13.19, 8.20.7, 8.22.1, 9.0.0
• Affects Version/s: 8.22.0, 8.13.18, 8.20.6
• Component/s: Security
• Labels:

  • advisory
  • advisory-released
  • dont-import
  • security

[JRASERVER-73581] Jira Software Server Template RCE via Email Templates feature

Sen Geronimo made changes - 04/Oct/2022 6:20 AM

Component/s

New: Security [ 68109 ]

Manisha Sangwan made changes - 04/Oct/2022 6:20 AM

Labels

Original: advisory advisory-to-release dont-import security

New: advisory advisory-released dont-import security

Manisha Sangwan made changes - 04/Oct/2022 6:19 AM

Resolution		New: Fixed [ 1 ]
Security	Original: Atlassian Staff [ 10750 ]
Status	Original: Draft [ 12872 ]	New: Published [ 12873 ]

rshah2 made changes - 16/Mar/2022 4:48 AM

Summary

Original: Jira Software Server Template RCE via JNDI related blocklist

New: Jira Software Server Template RCE via Email Templates feature

rshah2 made changes - 16/Mar/2022 4:48 AM

Description

Original: This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Software Server and Data Center allow a system administrator to execute arbitrary code via a remote code execution in the JNDI related blocklist. *Affected versions:*  * version < 8.13.19,  * 8.14.0 ≤ version < 8.20.7,  * 8.21.0 ≤ version < 8.22.1,  * 8.23.0 ≤ version < 9.0.0 *Fixed versions:*  - 8.13.19,  - 8.20.7,  - 8.22.1,  - 9.0.0

New: This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Software Server and Data Center allow a system administrator to execute arbitrary code via a remote code execution in the Email Templates feature. *Affected versions:*  * version < 8.13.19,  * 8.14.0 ≤ version < 8.20.7,  * 8.21.0 ≤ version < 8.22.1,  * 8.23.0 ≤ version < 9.0.0 *Fixed versions:*  - 8.13.19,  - 8.20.7,  - 8.22.1,  - 9.0.0

rshah2 made changes - 16/Mar/2022 4:47 AM

Description

Original: Affected versions of Atlassian Jira Software Server and Data Center allow a system administrator to execute arbitrary code via a remote code execution in the JNDI related blocklist. *Affected versions:*  * version < 8.13.19,  * 8.14.0 ≤ version < 8.20.7,  * 8.21.0 ≤ version < 8.22.1,  * 8.23.0 ≤ version < 9.0.0 *Fixed versions:*  - 8.13.19,  - 8.20.7,  - 8.22.1,  - 9.0.0

New: This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Software Server and Data Center allow a system administrator to execute arbitrary code via a remote code execution in the JNDI related blocklist. *Affected versions:*  * version < 8.13.19,  * 8.14.0 ≤ version < 8.20.7,  * 8.21.0 ≤ version < 8.22.1,  * 8.23.0 ≤ version < 9.0.0 *Fixed versions:*  - 8.13.19,  - 8.20.7,  - 8.22.1,  - 9.0.0

rshah2 made changes - 16/Mar/2022 4:44 AM

Summary

Original: Jira Software Server Template RCE

New: Jira Software Server Template RCE via JNDI related blocklist

Collapse comment: rshah2 added a comment - 16/Mar/2022 4:40 AM

rshah2 added a comment - 16/Mar/2022 4:40 AM

This is an independent assessment and you should evaluate its applicability to your own IT environment.

CVSS v3 score: 7.2 => High severity

Exploitability Metrics

Attack Vector	Network
Attack Complexity	Low
Privileges Required	High
User Interaction	None

Scope Metric

Scope	Unchanged

Impact Metrics

Confidentiality	High
Integrity	High
Availability	High

https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Expand comment: rshah2 added a comment - 16/Mar/2022 4:40 AM

rshah2 added a comment - 16/Mar/2022 4:40 AM This is an independent assessment and you should evaluate its applicability to your own IT environment. CVSS v3 score: 7.2 => High severity Exploitability Metrics Attack Vector Network Attack Complexity Low Privileges Required High User Interaction None Scope Metric Scope Unchanged Impact Metrics Confidentiality High Integrity High Availability High https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

rshah2 made changes - 16/Mar/2022 4:38 AM

Description

Original: Affected versions of Atlassian Jira Software Server and Data Center allow a system administrator to execute arbitrary code via a remote code execution in the JNDI related blocklist. *Affected versions:*  * version < 8.13.19,  * 8.14.0 ≤ version < 8.20.7,  * 8.21.0 ≤ version < 8.22.1,  * 8.23.0 ≤ version < 9.0.0 *Fixed versions:* - 8.13.19, 8.20.7, 8.22.1, 9.0.0

New: Affected versions of Atlassian Jira Software Server and Data Center allow a system administrator to execute arbitrary code via a remote code execution in the JNDI related blocklist. *Affected versions:*  * version < 8.13.19,  * 8.14.0 ≤ version < 8.20.7,  * 8.21.0 ≤ version < 8.22.1,  * 8.23.0 ≤ version < 9.0.0 *Fixed versions:*  - 8.13.19,  - 8.20.7,  - 8.22.1,  - 9.0.0

rshah2 made changes - 16/Mar/2022 4:38 AM

Description

Original: Affected versions of Atlassian Jira Server allow remote attackers to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in {component}.

New: Affected versions of Atlassian Jira Software Server and Data Center allow a system administrator to execute arbitrary code via a remote code execution in the JNDI related blocklist. *Affected versions:*  * version < 8.13.19,  * 8.14.0 ≤ version < 8.20.7,  * 8.21.0 ≤ version < 8.22.1,  * 8.23.0 ≤ version < 9.0.0 *Fixed versions:* - 8.13.19, 8.20.7, 8.22.1, 9.0.0

Load more older events