• Type: Public Security Vulnerability
• Resolution: Fixed
• Priority: Low (View bug fix roadmap)
• Fix Version/s: 9.5.0, 9.4.4, 8.20.20
• Affects Version/s: 9.4.0, 8.13.27, 8.20.14, 9.4.3, 8.20.18
• Component/s: Security
• Labels:

  • advisory-released
  • dont-import
  • security
  • 🔢✅

[JRASERVER-75331] Malicious file upload in Jira Server via anonymous sources

Jonathan Soo made changes - 30/Aug/2023 7:59 AM

Remote Link

Original: This issue links to "VULN-833557 (Atlassian Security Jira)" [ 749447 ]

New: This issue links to "VULN-833557 (ASEC/J)" [ 749447 ]

Collapse comment: Amr Hamza (Legacy) added a comment - 20/Jun/2023 6:48 AM

Amr Hamza (Legacy) added a comment - 20/Jun/2023 6:48 AM

Yes, this has cleared my confusion. Thank you.

Expand comment: Amr Hamza (Legacy) added a comment - 20/Jun/2023 6:48 AM

Amr Hamza (Legacy) added a comment - 20/Jun/2023 6:48 AM Yes, this has cleared my confusion. Thank you.

Collapse comment: Zul NS [Atlassian] added a comment - 19/Jun/2023 9:33 PM

Zul NS [Atlassian] added a comment - 19/Jun/2023 9:33 PM

146dab3de87d Our 9.4 releases are LTS release. Reading this means, 9.4.4 is when this fixed and all releases after but within 9.4.x has the fix. At this point of writing, 9.4.4 until 9.4.7 has the fix. Hope this helps.

Expand comment: Zul NS [Atlassian] added a comment - 19/Jun/2023 9:33 PM

Zul NS [Atlassian] added a comment - 19/Jun/2023 9:33 PM 146dab3de87d Our 9.4 releases are LTS release. Reading this means, 9.4.4 is when this fixed and all releases after but within 9.4.x has the fix. At this point of writing, 9.4.4 until 9.4.7 has the fix. Hope this helps.

Collapse comment: Amr Hamza (Legacy) added a comment - 19/Jun/2023 7:52 AM

Amr Hamza (Legacy) added a comment - 19/Jun/2023 7:52 AM

Is 9.4.4 the only fix version or is it 9.4.4 and higher? Thanks.

Expand comment: Amr Hamza (Legacy) added a comment - 19/Jun/2023 7:52 AM

Amr Hamza (Legacy) added a comment - 19/Jun/2023 7:52 AM Is 9.4.4 the only fix version or is it 9.4.4 and higher? Thanks.

Manisha Sangwan made changes - 16/Jun/2023 10:04 AM

Security

Original: Reporter and Atlassian Staff [ 10751 ]

Manisha Sangwan made changes - 16/Jun/2023 10:04 AM

Labels

Original: dont-import security 🔢✅

New: advisory-released dont-import security 🔢✅

Manisha Sangwan made changes - 16/Jun/2023 10:01 AM

Labels

Original: advisory advisory-released dont-import security 🔢✅

New: dont-import security 🔢✅

Manisha Sangwan made changes - 16/Jun/2023 10:00 AM

Resolution		New: Fixed [ 1 ]
Security	Original: Atlassian Staff [ 10750 ]	New: Reporter and Atlassian Staff [ 10751 ]
Status	Original: Draft [ 12872 ]	New: Published [ 12873 ]

Zul NS [Atlassian] made changes - 16/Jun/2023 6:02 AM

Description

Original: Affected versions of Atlassian Jira Server/DC allows an unauthenticated attacker to upload arbitrary files to Jira via file upload functionality in the fileupload url. However An attacker cannot control the filename or its location, which prevents the possibility of RCE.   Affected versions:  * version < 9.4.0  * 9.4.0 < version < 9.4.3  * version <= 8.20.18  * version <= 8.13.27 Fixed versions:   * 9.4.4  * 8.20.20  * 9.5.4

New: Affected versions of Atlassian Jira Server/DC allows an unauthenticated attacker to upload arbitrary files to Jira via file upload functionality in the fileupload url. However An attacker cannot control the filename or its location, which prevents the possibility of RCE. Files with name start with {{multPartReq}} with {{.tmp}} filename may be seen in "<JIRA_INSTALL>/work" path location due to this bug.   Affected versions:  * version < 9.4.0  * 9.4.0 < version < 9.4.3  * version <= 8.20.18  * version <= 8.13.27 Fixed versions:   * 9.4.4  * 8.20.20  * 9.5.4

Manisha Sangwan made changes - 12/Apr/2023 9:31 AM

Remote Link

New: This issue links to "VULN-833557 (Atlassian Security Jira)" [ 749447 ]

Load more older events