CVE-2019-11581

Published: 9 Aug 2019 Updated: 19 Aug 2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS v3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Summary

Jira Server and Data Center contain a server-side template injection vulnerability in the ContactAdministrators and SendBulkMail actions: user-supplied input is rendered as a template, so an attacker can execute arbitrary code on any system running a vulnerable version. Per the Atlassian advisory, the ContactAdministrators path is reachable without authentication when the Contact Administrators form is enabled, while SendBulkMail requires Jira administrator access; both paths require an outgoing (SMTP) mail server to be configured. Affected versions: all releases of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3.
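Five disjoint version ranges are easy to misread during triage, so here they are as a check a responder can run against an inventory. This is an added example, not code from Atlassian or from this page; the /rest/api/2/serverInfo endpoint is standard Jira REST (answers without authentication) and is not mentioned on the page, and the JSON response below is constructed.

```python
"""Triage helper for CVE-2019-11581: is a given Jira Server / Data Center version affected?

Added example; the version ranges are the ones stated in the vulnerability summary.
"""
import json
import re

# Affected ranges from the summary, as [introduced, first_fixed) half-open intervals.
AFFECTED_RANGES = [
    ((4, 4, 0), (7, 6, 14)),
    ((7, 7, 0), (7, 13, 5)),
    ((8, 0, 0), (8, 0, 3)),
    ((8, 1, 0), (8, 1, 2)),
    ((8, 2, 0), (8, 2, 3)),
]


def parse_version(text):
    """Turn '7.13.4', 'v8.2' or '7.6.13-m0001' into a comparable integer tuple.

    Short versions are padded to three components so '8.2' == '8.2.0'; extra
    components (e.g. '5.2.4.1') are kept, which tuple comparison handles correctly.
    """
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"not a version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(version):
    """True if the version falls inside any affected range."""
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def first_fixed_version(version):
    """Smallest fixed release on the same line as an affected version, else None."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if lo <= v < hi:
            return ".".join(str(n) for n in hi)
    return None


def version_from_server_info(body):
    """Extract 'version' from a Jira /rest/api/2/serverInfo JSON response.

    Assumption: that endpoint is standard Jira REST and is not described on this page.
    """
    return json.loads(body)["version"]


# Constructed serverInfo response, shaped like the real endpoint's output (not a capture).
SAMPLE_SERVER_INFO = (
    '{"baseUrl":"https://jira.example.test","version":"7.13.4","deploymentType":"Server"}'
)


def triage(body=SAMPLE_SERVER_INFO):
    """Return (version, affected?, first fixed version) for a serverInfo body."""
    version = version_from_server_info(body)
    return version, is_affected(version), first_fixed_version(version)


if __name__ == "__main__":
    v, affected, fixed = triage()
    print(f"Jira {v}: {'AFFECTED, upgrade to ' + fixed if affected else 'not affected'}")
```

Note the gaps between ranges: 7.6.14 and later 7.6.x releases are fixed even though 7.7.0 through 7.13.4 are not, so a plain "older than 7.13.5" rule would misclassify patched 7.6 LTS hosts.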

Affected Products

Vendor: Atlassian
Product: Jira
Versions: 4.4, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 5.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 5.1.7, 5.1.8, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.4.1, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9, 5.2.10, 5.2.11, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.1.8, 6.1.9, 6.2, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.3, 6.3.1, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14, 6.3.15, 6.4, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.10, 6.4.11, 6.4.12, 6.4.13, 6.4.14, 7.0.0, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.9, 7.0.10, 7.0.11, 7.1.0, 7.1.1, 7.1.2, 7.1.4, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.2.11, 7.2.12, 7.2.13, 7.2.14, 7.2.15, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 7.4.0, 7.4.1, 7.4.2, 7.4.3, 7.4.4, 7.4.5, 7.4.6, 7.5.0, 7.5.1, 7.5.2, 7.5.3, 7.5.4, 7.6.0, 7.6.1, 7.6.2, 7.6.3, 7.6.4, 7.6.5, 7.6.6, 7.6.7, 7.6.8, 7.6.9, 7.6.10, 7.6.11, 7.6.12, 7.6.13, 7.7.0, 7.7.1, 7.7.2, 7.7.3, 7.7.4, 7.8.0, 7.8.1, 7.8.2, 7.8.3, 7.8.4, 7.9.0, 7.9.1, 7.9.2, 7.10.0, 7.10.1, 7.10.2, 7.11.0, 7.11.1, 7.11.2, 7.11.3, 7.12.0, 7.12.1, 7.12.2, 7.12.3, 7.13.0, 7.13.1, 7.13.2, 7.13.3, 7.13.4, 8.0.0, 8.0.1, 8.0.2, 8.1.0, 8.1.1, 8.2.0, 8.2.1, 8.2.2

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This email refers to the advisory found at confluence.atlassian.com/x/AzoGOg

CVE ID:
* CVE-2019-11581

Product: Jira Server and Data Center

Affected Jira Server and Data Center product versions:
4.4.0 <= version < 7.6.14
7.13.0 <= version < 7.13.5
8.0.0 <= version < ...

Github Repositories

CVE-2019-11581 Atlassian JIRA Template injection vulnerability RCE Demo

python CVE-2019-11581.py xxxxxxxx:8080/ "Command"

Vuln Version Download: product-downloads.atlassian.com/software/jira/downloads/atlassian-jira-software-7.13.0-x64.exe

PoC: $i18n.getClass().forName('java.lang.Runtime').getMethod('getRuntime',null).invoke(null,

CVE-2019-11581 PoC

./JIRAScanner.py domain cmd

TODO: Automatic Exploitation - Popping shells
- Windows
- Linux

RCE-in-Jira: Remote code execution in Atlassian Jira (CVE-2019-11581) through the FreeMarker template engine. In April an RCE was discovered in Atlassian Confluence, or more precisely in a plugin that is almost always used with it. And now, four months later, ...
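The reflection chain quoted in the PoC above ($i18n.getClass().forName('java.lang.Runtime')...) doubles as a detection signature: legitimate contact-admin or bulk-mail text never contains a template reference followed by getClass/forName/invoke. The following is an added example, not code from this page or from the repositories listed above. It assumes the two actions named in the advisory are served at /secure/ContactAdministrators.jspa and /secure/admin/SendBulkMail.jspa (the page names only the actions) and that the log source retains form fields; the request records are constructed.

```python
"""Flag Velocity-style template-injection attempts against the two Jira actions named in
the advisory (ContactAdministrators, SendBulkMail) in request logs that retain form fields.

Added example, not code from the page or the repositories above. Assumptions: the actions
are reached at /secure/ContactAdministrators.jspa and /secure/admin/SendBulkMail.jspa (the
page names only the actions), and the request records below are constructed.
"""
import re
from urllib.parse import unquote_plus

VULNERABLE_ACTIONS = {"ContactAdministrators", "SendBulkMail"}

# A template reference ($name or ${name}), an optional chain of method calls, then one of
# the reflection methods the public PoC chains together to reach java.lang.Runtime:
#   $i18n.getClass().forName('java.lang.Runtime').getMethod('getRuntime',null).invoke(null, ...)
REFLECTION_CHAIN = re.compile(
    r"\$\{?[A-Za-z_]\w*\}?"                  # template reference
    r"(?:\.\w+\([^()]*\))*"                  # zero or more intermediate .method(args)
    r"\.(?:getClass|forName|getMethod|invoke|getRuntime|newInstance|exec)\("
)


def normalize(value):
    """URL-decode twice so that %24 (or a double-encoded %2524) for '$' still matches."""
    for _ in range(2):
        value = unquote_plus(value)
    return value


def action_of(path):
    """Return the Jira webwork action name from a path like /secure/admin/Foo.jspa."""
    m = re.search(r"/secure/(?:admin/)?(\w+)\.jspa", path)
    return m.group(1) if m else None


def classify(request):
    """Classify one request record {'method', 'path', 'params': {field: value}}.

    Returns ('alert', action, field) for a reflection chain sent to a vulnerable action,
    ('suspicious', action, field) for the same payload shape sent elsewhere, and
    ('ok', action, None) when no field matches.
    """
    action = action_of(request["path"])
    for field, value in request.get("params", {}).items():
        if REFLECTION_CHAIN.search(normalize(value)):
            verdict = "alert" if action in VULNERABLE_ACTIONS else "suspicious"
            return (verdict, action, field)
    return ("ok", action, None)


# Constructed traffic (not real captures): a benign contact-admin message, the PoC shape
# against both named actions (the second one URL-encoded), and the same shape against an
# unrelated action.
SAMPLE_REQUESTS = [
    {"method": "POST", "path": "/secure/ContactAdministrators.jspa",
     "params": {"subject": "Locked out", "details": "Hi, I cannot log in since Monday."}},
    {"method": "POST", "path": "/secure/ContactAdministrators.jspa",
     "params": {"subject": "x", "details":
                "$i18n.getClass().forName('java.lang.Runtime').getMethod('getRuntime',null)"
                ".invoke(null,null).exec('id')"}},
    {"method": "POST", "path": "/secure/admin/SendBulkMail.jspa",
     "params": {"message": "%24i18n.getClass%28%29.forName%28%27java.lang.Runtime%27%29"}},
    {"method": "POST", "path": "/secure/CreateIssue.jspa",
     "params": {"description": "${foo.getClass().forName('java.lang.Runtime')}"}},
]


def scan(requests=SAMPLE_REQUESTS):
    """Classify every record; a SIEM rule would page on any 'alert'."""
    return [classify(r) for r in requests]


if __name__ == "__main__":
    for verdict, action, field in scan():
        print(f"{verdict:10} action={action} field={field}")
```

The 'suspicious' tier exists because the same reflection chain aimed at any other template-rendering field is still worth a look, while only the two advisory-named actions justify an immediate alert for this CVE.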

Recent Articles

ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers
BleepingComputer • Sergiu Gatlan • 22 Jul 2019

More than one million ProFTPD servers are vulnerable to remote code execution and information disclosure attacks that could be triggered after successful exploitation of an arbitrary file copy vulnerability.
ProFTPD is an open-source and cross-platform FTP server with support for most UNIX-like systems and Windows, and one of the most popular ones targeting the UNIX-based platforms along with Pure-FTPd and vsftpd.
All ProFTPD versions up to and including 1.3.5b are impacted by ...

Hackers Exploit Jira, Exim Linux Servers to "Keep the Internet Safe"
BleepingComputer • Sergiu Gatlan • 22 Jul 2019

Hackers are exploiting vulnerable Jira and Exim servers with the end goal of infecting them with a new Watchbog Linux Trojan variant and using the resulting botnet as part of a Monero cryptomining operation.
Watchbog is a malware strain used to infect Linux servers by exploiting vulnerable software such as Jenkins during a campaign from May, as well as Nexus Repository Manager 3, ThinkPHP, and Linux Supervisord as part of an operation from March as discovered by Alibaba Cloud Securit...

Jira Server and Data Center Update Patches Critical Vulnerability
BleepingComputer • Ionut Ilascu • 11 Jul 2019

Atlassian has patched a critical vulnerability affecting Jira Server and Data Center versions released since the summer of 2011.
An advisory today from enterprise software company Atlassian offers details about a template injection on the server side that could be exploited without authentication under certain conditions.
Tracked as CVE-2019-11581, the vulnerability was introduced in version 4.4.0. It was discovered and reported by Bugcrowd researcher Daniil Dmitriev.
Server-s...