cnvd - cnvd-2020-52944

cnvd-2020-52944

Vulnerability from cnvd

Title: Atlassian JIRA Server和Data Center跨站请求伪造漏洞

Description:

Atlassian JIRA Server和Atlassian JIRA Data Center都是澳大利亚Atlassian公司的产品。Atlassian JIRA Server是一套缺陷跟踪管理系统的服务器版本。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。Atlassian JIRA Data Center是Atlassian JIRA的数据中心版本。

Atlassian Jira Server和Data Center 8.7.0之前版本中的VerifyPopServerConnection!add.jspa组件中存在跨站请求伪造漏洞。攻击者可通过诱使管理用户发出恶意HTTP请求利用该漏洞执行未授权的操作，例如枚举Jira服务器所在的内部网络上的主机。

Severity: 中

Patch Name: Atlassian JIRA Server和Data Center跨站请求伪造漏洞的补丁

Patch Description:

Atlassian Jira Server和Data Center 8.7.0之前版本中的VerifyPopServerConnection!add.jspa组件中存在跨站请求伪造漏洞。攻击者可通过诱使管理用户发出恶意HTTP请求利用该漏洞执行未授权的操作，例如枚举Jira服务器所在的内部网络上的主机。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://jira.atlassian.com/browse/JRASERVER-70606

Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-20099

Impacted products

Name
['Atlassian JIRA Server <8.7.0', 'Atlassian Jira Data Center <8.7.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-20099",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-20099"
    }
  },
  "description": "Atlassian JIRA Server\u548cAtlassian JIRA Data Center\u90fd\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4ea7\u54c1\u3002Atlassian JIRA Server\u662f\u4e00\u5957\u7f3a\u9677\u8ddf\u8e2a\u7ba1\u7406\u7cfb\u7edf\u7684\u670d\u52a1\u5668\u7248\u672c\u3002\u8be5\u7cfb\u7edf\u4e3b\u8981\u7528\u4e8e\u5bf9\u5de5\u4f5c\u4e2d\u5404\u7c7b\u95ee\u9898\u3001\u7f3a\u9677\u8fdb\u884c\u8ddf\u8e2a\u7ba1\u7406\u3002Atlassian JIRA Data Center\u662fAtlassian JIRA\u7684\u6570\u636e\u4e2d\u5fc3\u7248\u672c\u3002\n\nAtlassian Jira Server\u548cData Center 8.7.0\u4e4b\u524d\u7248\u672c\u4e2d\u7684VerifyPopServerConnection!add.jspa\u7ec4\u4ef6\u4e2d\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bf1\u4f7f\u7ba1\u7406\u7528\u6237\u53d1\u51fa\u6076\u610fHTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u4f8b\u5982\u679a\u4e3eJira\u670d\u52a1\u5668\u6240\u5728\u7684\u5185\u90e8\u7f51\u7edc\u4e0a\u7684\u4e3b\u673a\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://jira.atlassian.com/browse/JRASERVER-70606",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-52944",
  "openTime": "2020-09-21",
  "patchDescription": "Atlassian JIRA Server\u548cAtlassian JIRA Data Center\u90fd\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4ea7\u54c1\u3002Atlassian JIRA Server\u662f\u4e00\u5957\u7f3a\u9677\u8ddf\u8e2a\u7ba1\u7406\u7cfb\u7edf\u7684\u670d\u52a1\u5668\u7248\u672c\u3002\u8be5\u7cfb\u7edf\u4e3b\u8981\u7528\u4e8e\u5bf9\u5de5\u4f5c\u4e2d\u5404\u7c7b\u95ee\u9898\u3001\u7f3a\u9677\u8fdb\u884c\u8ddf\u8e2a\u7ba1\u7406\u3002Atlassian JIRA Data Center\u662fAtlassian JIRA\u7684\u6570\u636e\u4e2d\u5fc3\u7248\u672c\u3002\r\n\r\nAtlassian Jira Server\u548cData Center 8.7.0\u4e4b\u524d\u7248\u672c\u4e2d\u7684VerifyPopServerConnection!add.jspa\u7ec4\u4ef6\u4e2d\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bf1\u4f7f\u7ba1\u7406\u7528\u6237\u53d1\u51fa\u6076\u610fHTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u4f8b\u5982\u679a\u4e3eJira\u670d\u52a1\u5668\u6240\u5728\u7684\u5185\u90e8\u7f51\u7edc\u4e0a\u7684\u4e3b\u673a\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Atlassian JIRA Server\u548cData Center\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Atlassian JIRA Server \u003c8.7.0",
      "Atlassian Jira Data Center \u003c8.7.0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-20099",
  "serverity": "\u4e2d",
  "submitTime": "2020-02-17",
  "title": "Atlassian JIRA Server\u548cData Center\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

CVE-2019-20099 (GCVE-0-2019-20099)

Vulnerability from cvelistv5

Published

2020-02-12 14:07

Modified

2024-09-16 20:03

Severity ?

CWE

Cross Site Scripting (CSRF)

Summary

The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network where Jira server is present.

References

▼	URL	Tags
	https://www.tenable.com/security/research/tra-2020-05	x_refsource_MISC
	https://jira.atlassian.com/browse/JRASERVER-70606	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Atlassian	Jira Server	Version: unspecified < 8.7.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:32:10.521Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2020-05"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/JRASERVER-70606"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jira Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "8.7.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-02-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network where Jira server is present."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross Site Scripting (CSRF)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-12T14:07:54",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/research/tra-2020-05"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jira.atlassian.com/browse/JRASERVER-70606"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@atlassian.com",
          "DATE_PUBLIC": "2020-02-03T00:00:00",
          "ID": "CVE-2019-20099",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jira Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.7.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Atlassian"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network where Jira server is present."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross Site Scripting (CSRF)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/research/tra-2020-05",
              "refsource": "MISC",
              "url": "https://www.tenable.com/security/research/tra-2020-05"
            },
            {
              "name": "https://jira.atlassian.com/browse/JRASERVER-70606",
              "refsource": "MISC",
              "url": "https://jira.atlassian.com/browse/JRASERVER-70606"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2019-20099",
    "datePublished": "2020-02-12T14:07:54.400791Z",
    "dateReserved": "2019-12-30T00:00:00",
    "dateUpdated": "2024-09-16T20:03:50.700Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted