Vulnerability identifier: #VU65892
Vulnerability risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-345
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Bamboo Server and Data Center
Server applications /
Other server solutions
Bitbucket Data Center
Server applications /
Other server solutions
Confluence Data Center
Server applications /
Other server solutions
Crowd Data Center
Server applications /
Other server solutions
Jira Service Management Server
Server applications /
Other server solutions
Jira Software
Client/Desktop applications /
Other client software
Atlassian Crucible
Client/Desktop applications /
Office applications
Atlassian Fisheye
Client/Desktop applications /
Office applications
Vendor: Atlassian
Description
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to origin validation error when processing HTTP requests, related to cross-origin sharing (CORS) in the Servlet Filter. A remote attacker can trick the victim to follow a specially crafted link and access the vulnerable application with the victim’s permissions.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Bamboo Server and Data Center: 7.2.0 - 8.2.3
Bitbucket Data Center: 8.1.0, 8.0.0, 7.20.0 - 7.20.1, 7.19.0 - 7.19.4, 7.17.0 - 7.17.7, 7.6.0 - 7.6.15
Confluence Data Center: 7.18.0, 7.17.0 - 7.17.3, 7.16.0 - 7.16.3, 7.15.0 - 7.15.1, 7.14.0 - 7.14.2, 7.13.0 - 7.13.6, 7.4.0 - 7.4.16
Crowd Data Center: 5.0.0, 4.4.0 - 4.4.1, 4.3.0 - 4.3.7
Jira Software: 8.22.0 - 8.22.3, 8.20.0 - 8.20.9, 8.13.0 - 8.13.21
Jira Service Management Server: 4.22.0 - 4.22.5, 4.20.0 - 4.20.9, 4.13.0 - 4.13.21
Atlassian Crucible: 4.8.0 - 4.8.9
Atlassian Fisheye: 4.8.0 - 4.8.9
External links
http://jira.atlassian.com/browse/CWD-5815
http://jira.atlassian.com/browse/FE-7410
http://jira.atlassian.com/browse/JRASERVER-73897
http://jira.atlassian.com/browse/BAM-21795
http://jira.atlassian.com/browse/JSDSERVER-11863
http://jira.atlassian.com/browse/CONFSERVER-79476
http://jira.atlassian.com/browse/CRUC-8541
http://jira.atlassian.com/browse/BSERV-13370
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.