- Public Security Vulnerability
- Resolution: Fixed
- Low
- 9.4.0, 8.13.27, 8.20.14, 9.4.3, 8.20.18
- 5.3
- Medium
Affected versions of Atlassian Jira Server/DC allow an unauthenticated attacker to upload arbitrary files to Jira via the file upload functionality in the fileupload URL. However, an attacker cannot control the filename or its location, which prevents the possibility of RCE.
Files whose names start with multPartReq and end with .tmp may be seen in the "<JIRA_INSTALL>/work" path location due to this bug.
Affected versions:
- version < 9.4.0
- 9.4.0 < version < 9.4.3
- version <= 8.20.18
- version <= 8.13.27
Fixed versions:
- 9.4.4
- 8.20.20
- 9.5.4
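The script below is an added example, not part of Atlassian's advisory. It inventories files under <JIRA_INSTALL>/work whose names match the pattern described above (multPartReq prefix, .tmp suffix) and records size, modification time and SHA-256 so they can be reviewed against access logs. The function names are hypothetical, and the installation directory is passed as an argument.

```python
import hashlib
import os
import sys
from datetime import datetime, timezone


def is_leftover(name):
    # Pattern from the advisory: name starts with "multPartReq" and ends in ".tmp".
    return name.startswith("multPartReq") and name.endswith(".tmp")


def sha256_of(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(1 << 20), b""):
            digest.update(block)
    return digest.hexdigest()


def find_leftovers(jira_install):
    """Return one record per matching regular file under work/, oldest first."""
    records = []
    for root, _dirs, files in os.walk(os.path.join(jira_install, "work")):
        for name in files:
            path = os.path.join(root, name)
            # Skip symlinks so the scan never reads anything outside work/.
            if not is_leftover(name) or os.path.islink(path):
                continue
            try:
                st = os.stat(path)
                digest = sha256_of(path)
            except OSError:
                continue  # temp file removed or unreadable mid-scan
            records.append({"path": path, "size": st.st_size,
                            "mtime": st.st_mtime, "sha256": digest})
    return sorted(records, key=lambda r: r["mtime"])


if __name__ == "__main__":
    # Argument: the Jira installation directory (<JIRA_INSTALL> in the advisory).
    hits = find_leftovers(sys.argv[1])
    for r in hits:
        when = datetime.fromtimestamp(r["mtime"], timezone.utc).isoformat()
        print(f'{when}  {r["size"]:>10}  {r["sha256"]}  {r["path"]}')
    print(f"{len(hits)} matching file(s)")
```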
- relates to VULN-833557
[JRASERVER-75331] Malicious file upload in Jira Server via anonymous sources
Remote Link | Original: This issue links to "VULN-833557 (Atlassian Security Jira)" [ 749447 ] | New: This issue links to "VULN-833557 (ASEC/J)" [ 749447 ] |
Security | Original: Reporter and Atlassian Staff [ 10751 ] |
Labels | Original: dont-import security 🔢✅ | New: advisory-released dont-import security 🔢✅ |
Labels | Original: advisory advisory-released dont-import security 🔢✅ | New: dont-import security 🔢✅ |
Resolution | New: Fixed [ 1 ] | |
Security | Original: Atlassian Staff [ 10750 ] | New: Reporter and Atlassian Staff [ 10751 ] |
Status | Original: Draft [ 12872 ] | New: Published [ 12873 ] |
Remote Link | New: This issue links to "VULN-833557 (Atlassian Security Jira)" [ 749447 ] |
Labels | Original: advisory dont-import security 🔢✅ | New: advisory advisory-released dont-import security 🔢✅ |
Labels | Original: advisory advisory-to-release dont-import security 🔢✅ | New: advisory dont-import security 🔢✅ |