[JSDSERVER-8665] Template Injection in Email Templates leads to code execution on Jira Service Management Server - CVE-2021-39115 - Create and track feature requests for Atlassian products.

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 4.18.0, 4.13.9
Affects Version/s: 4.17.1, 4.13.8, 4.5.18
Component/s: None
Labels:

CVSS Score:
7.2
CVSS Severity:
High
CVE ID:
CVE-2021-39115

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability in the Email Template feature.

The affected versions are before version 4.13.9, and from version 4.14.0 before 4.18.0.

Affected versions:

version < 4.13.9
4.14.0 ≤ version < 4.18.0

Fixed versions:

4.13.9
4.18.0

Form Name

lance_lyons added a comment - 14/Feb/2022 9:27 PM

Why cant you guys make a secure product. These security vulnerabilities are causing us to have to upgrade Jira every month.

lance_lyons added a comment - 14/Feb/2022 9:27 PM Why cant you guys make a secure product. These security vulnerabilities are causing us to have to upgrade Jira every month.

AB added a comment - 26/Aug/2021 12:46 AM - edited

This is an independent assessment and you should evaluate its applicability to your own IT environment.

CVSS v3 score: 7.2 => High severity

Exploitability Metrics

Attack Vector	Network
Attack Complexity	Low
Privileges Required	High
User Interaction	None

Scope Metric

Scope	Unchanged

Impact Metrics

Confidentiality	High
Integrity	High
Availability	High

https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AB added a comment - 26/Aug/2021 12:46 AM - edited This is an independent assessment and you should evaluate its applicability to your own IT environment. CVSS v3 score: 7.2 => High severity Exploitability Metrics Attack Vector Network Attack Complexity Low Privileges Required High User Interaction None Scope Metric Scope Unchanged Impact Metrics Confidentiality High Integrity High Availability High https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 25/Aug/2021 4:24 AM

Updated:: 14/Feb/2022 9:27 PM

Resolved:: 01/Sep/2021 10:58 PM

Details

Description

Attachments

Forms

Activity

[JSDSERVER-8665] Template Injection in Email Templates leads to code execution on Jira Service Management Server - CVE-2021-39115

Collapse comment: lance_lyons added a comment - 14/Feb/2022 9:27 PM

Expand comment: lance_lyons added a comment - 14/Feb/2022 9:27 PM

Collapse comment: AB added a comment - 26/Aug/2021 12:46 AM, Edited by Security Metrics Bot - 26/Aug/2021 1:46 AM

Expand comment: AB added a comment - 26/Aug/2021 12:46 AM, Edited by Security Metrics Bot - 26/Aug/2021 1:46 AM

People

Dates

Backbone Issue Sync