SB2020070227 - Multiple vulnerabilities in Atlassian JIRA

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Open redirect (CVE-ID: CVE-2019-20901)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.

2) Open redirect (CVE-ID: CVE-2019-20417)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate internal services via an Information Disclosure vulnerability. The vulnerability is only exploitable if WebSudo is disabled in Jira. The affected versions are before version 8.4.2.

Remediation

Install update from vendor's website.

References

• https://jira.atlassian.com/browse/JRASERVER-70408
• https://jira.atlassian.com/browse/JRASERVER-70408?
• https://jira.atlassian.com/browse/JRASERVER-70886