Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-2314Path Traversal in Atlassian Jira

CWE-22Path Traversal5 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
66.8%
top 1.45%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Atlassian Jira
Timeline
PublishedMar 9
Latest updateMay 17

Description

Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDatlassian/jira6.0.3+3

🔴Vulnerability Details

2
GHSA
GHSA-7xqw-49vx-86cm: Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 62022-05-17
CVEList
CVE-2014-2314: Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 62014-03-07

💥Exploits & PoCs

2
Exploit-DB
JIRA Issues Collector - Directory Traversal (Metasploit)2014-04-07
Metasploit
JIRA Issues Collector Directory Traversal
CVE-2014-2314 — Path Traversal in Atlassian Jira | cvebase