Atlassian Jira 漏洞列表

Jira Server and Data Center is susceptible to a server-side template injection vulnerability via the ContactAdministrators and SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability. Shodan: http.component:"Atlassian Jira" Fofa: title="Atlassian Jira"

Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira 7.13.4之前版本、8.0.4之前版本和8.1.1之前版本中的CachingResourceDownloadRewriteRule类存在安全漏洞。远程攻击者可利用该漏洞访问Jira webroot中的文件。

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0. fofa "Atlassian Jira" fofa title="General"

The Atlassian Jira IconUriServlet of the OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 contains a cross-site scripting vulnerability which allows remote attackers to access the content of internal network resources and/or perform an attack via Server Side Request Forgery.

The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter.

Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error message of custom fields when an invalid value is specified.

Jira Server and Data Center is susceptible to a server-side template injection vulnerability via the ContactAdministrators and SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability.

Atlasssian Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 is susceptible to incorrect authorization. The ManageFilters.jspa resource allows a remote attacker to enumerate usernames via an incorrect authorization check, thus possibly obtaining sensitive information, modifying data, and/or executing unauthorized operations.

Atlassian Jira Server and Data Center before 8.5.8 and 8.6.0 through 8.11.1 are susceptible to information disclosure via the /secure/QueryComponent!Default.jspa endpoint. An attacker can view custom field names and custom SLA names.

Affected versions of Atlassian Jira Limited Server and Data Center are vulnerable to local file inclusion because they allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.

Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.

Atlassian Jira Mobile 插件存在服务端请求伪造漏洞。

Atlassian Jira存在认证绕过漏洞，此漏洞是缺乏校验导致的。

Atlassian Jira addon Netic Group Export存在未授权访问漏洞，此漏洞是由于Atlassian Jira没有检查身份认证导致的。

Atlassian Jira Server＆DataCenter是澳大利亚Atlassian公司的JIRA的数据中心版本。该软件被广泛应用于缺陷跟踪、客户服务、需求收集、流程审批、任务跟踪、项目跟踪和敏捷管理等工作领域。AtlassianJira Server and Data Center存在服务器端请求伪造漏洞，攻击者可利用该漏洞通过批处理端点执行完整的读取服务器端请求伪造。

8.1.1之前的Jira通过searchOwnerUserName参数中的ConfigurePortalPages.jspa资源包含跨站点脚本漏洞。

8.1.1之前的Jira通过searchOwnerUserName参数中的ConfigurePortalPages.jspa资源包含跨站点脚本漏洞。

Jira 7.13.3之前版本和8.1.1之前版本8.0.0中的ManageFilters.jspa资源允许远程攻击者通过不正确的授权检查枚举用户名。

Jira7.13.1版本之前的WallboardServlet资源允许远程攻击者通过cyclePeriod参数中的跨站点脚本漏洞注入任意HTML或JavaScript。

版本7.6.6之前的Atlassian JiraConfluence、版本7.7.4之前的版本7.7.0、版本7.8.4之前的7.8.0以及版本7.9.2之前的7.9.0，允许远程攻击者在指定无效值时，通过自定义字段的错误消息中的跨站点脚本漏洞注入任意HTML或JavaScript。

Atlassian JIRAServer是澳大利亚Atlassian公司的一套缺陷跟踪管理系统的服务器版本。该系统主要用于跟踪管理对工作中各类问题。2021年8月16日，Atlassian官方发布AtlassianJIRAServer组件存在文件读取漏洞的信息，该漏洞是由于对用户的输入没有进行严格的过滤导致，攻击者可利用该漏洞在未授权的情况下，构造恶意数据执行文件读取攻击，最终造成服务器部分文件信息泄露。

该漏洞源于Jira Server and DataCenter允许远程、未经身份验证的攻击者通过/secure/QueryComponent!Default中的一个信息泄露漏洞查看定制字段名和定制SLA名。

Atlassian Jira 8.4.0之前版本/rest/api/latest/groupuserpicker接口允许远程攻击者枚举用户名，导致信息泄露。

Atlassian JIRA Server和Atlassian JIRA Data Center都是澳大利亚Atlassian公司的产品。Atlassian JIRA Server是一套缺陷跟踪管理系统的服务器版本。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。Atlassian JIRA Data Center是Atlassian JIRA的数据中心版本。Jira服务器和数据中心、ContactAdministrators和SendBulkMail操作中存在服务器端模板注入漏洞。攻击者能够在运行有漏洞版本的Jira服务器或数据中心的系统上远程执行代码。从7.6.14之前的4.4.0、7.13.5之前的7.7.0、8.0.3之前的8.0.0、8.1.2之前的8.1.0和8.2.3之前的8.2.0版本，Jira Server和Data Center的所有版本都会受到此漏洞的影响。