Atlassian Jira Server vulnerabilities

CVE-2019-20412 [MEDIUM] CWE-287 CVE-2019-20412: The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center all The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Status Types. The affected versions are before version 7

CVE-2019-20409 [CRITICAL] CWE-74 CVE-2019-20409: The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to vers The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a server side template injection vulnerability.

CVE-2020-4021 [MEDIUM] CWE-79 CVE-2020-4021: Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data C Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.

CVE-2019-20407 [MEDIUM] CWE-862 CVE-2019-20407: The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8. The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote attackers to view release version information in projects that they do not have access to through an missing authorisation check.

CVE-2019-20100 [MEDIUM] CWE-352 CVE-2019-20100: The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The follo The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, and from version 7.1.0 before version 7.1.3. The vulnerable plugin is

CVE-2019-20099 [MEDIUM] CWE-352 CVE-2019-20099: The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before ver The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network where

CVE-2019-20098 [MEDIUM] CWE-352 CVE-2019-20098: The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before ve The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network wher

CVE-2019-20400 [HIGH] CWE-427 CVE-2019-20400: The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a d The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability.

CVE-2019-20405 [MEDIUM] CWE-352 CVE-2019-20405: The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flag off or on via a Cross-site request forgery (CSRF) vulnerability.

CVE-2019-20402 [MEDIUM] CVE-2019-20402: Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability.

CVE-2019-20401 [MEDIUM] CWE-352 CVE-2019-20401: Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configur Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF) vulnerabilities.

CVE-2019-20403 [MEDIUM] CVE-2019-20403: The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to det The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to determine if a Jira project key exists or not via an information disclosure vulnerability.

CVE-2019-20106 [MEDIUM] CWE-276 CVE-2019-20106: Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 befor Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug.

CVE-2019-20404 [MEDIUM] CVE-2019-20404: The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote at The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote attackers to determine project titles they do not have access to via an improper authorization vulnerability.

CVE-2019-15013 [MEDIUM] CWE-862 CVE-2019-15013: The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 be The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 before version 8.4.3, and from version 8.5.0 before version 8.5.2 allows authenticated remote attackers who do not have project administration access to remove a configured issue status from a project via a missing authorisation check.

CVE-2019-15005 [MEDIUM] CWE-862 CVE-2019-15005: The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivilege The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the application that the plugin is installed into. A vulne

CVE-2019-15001 [HIGH] CWE-94 CVE-2019-15001: The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7. The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerabil

CVE-2019-8451 [MEDIUM] CWE-918 CVE-2019-8451: The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attacke The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.

CVE-2019-14997 [MEDIUM] CWE-524 CVE-2019-14997: The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn de The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN.

CVE-2019-14998 [MEDIUM] CWE-352 CVE-2019-14998: The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before versio The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before version 8.4.0 allows remote attackers to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.