cvelist/2019/15xxx/CVE-2019-15001.json

{
    "CVE_data_meta": {
        "ASSIGNER": "security@atlassian.com",
        "DATE_PUBLIC": "2018-09-18T00:00:00",
        "ID": "CVE-2019-15001",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Atlassian",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Jira Server",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.0.10"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.6.16"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.7.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.13.8"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.1.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.1.3"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.2.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.2.5"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.3.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.3.4"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.4.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.4.1"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Jira Data Center",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.0.10"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.6.16"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "7.7.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "7.13.8"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.1.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.1.3"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.2.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.2.5"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.3.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.3.4"
                                        },
                                        {
                                            "version_affected": ">=",
                                            "version_value": "8.4.0"
                                        },
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.4.1"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.1.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Template injection"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "url": "https://jira.atlassian.com/browse/JRASERVER-69933",
                "refsource": "MISC",
                "name": "https://jira.atlassian.com/browse/JRASERVER-69933"
            },
            {
                "refsource": "BUGTRAQ",
                "name": "20190925 Jira Security Advisory - 2019-09-18 - CVE-2019-15001",
                "url": "https://seclists.org/bugtraq/2019/Sep/42"
            },
            {
                "refsource": "MISC",
                "name": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html",
                "url": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html"
            }
        ]
    }
}
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`{`
			`"CVE_data_meta": {`
			`"ASSIGNER": "security@atlassian.com",`
			`"DATE_PUBLIC": "2018-09-18T00:00:00",`
			`"ID": "CVE-2019-15001",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
"-Synchronized-Data." 2019-09-19 15:01:17 +00:00			`"vendor_name": "Atlassian",`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Jira Server",`
			`"version": {`
			`"version_data": [`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": ">=",`
			`"version_value": "7.0.10"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": "<",`
			`"version_value": "7.6.16"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": ">=",`
			`"version_value": "7.7.0"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": "<",`
			`"version_value": "7.13.8"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": ">=",`
			`"version_value": "8.1.0"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": "<",`
			`"version_value": "8.1.3"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "8.2.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "8.2.5"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "8.3.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "8.3.4"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "8.4.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "8.4.1"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`}`
			`]`
			`}`
			`},`
			`{`
			`"product_name": "Jira Data Center",`
			`"version": {`
			`"version_data": [`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": ">=",`
			`"version_value": "7.0.10"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.6.16"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "7.7.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "7.13.8"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "8.1.0"`
			`},`
			`{`
			`"version_affected": "<",`
			`"version_value": "8.1.3"`
			`},`
			`{`
			`"version_affected": ">=",`
			`"version_value": "8.2.0"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": "<",`
			`"version_value": "8.2.5"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": ">=",`
			`"version_value": "8.3.0"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": "<",`
			`"version_value": "8.3.4"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": ">=",`
			`"version_value": "8.4.0"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`},`
			`{`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`"version_affected": "<",`
			`"version_value": "8.4.1"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`}`
			`]`
			`}`
			`}`
			`]`
"-Synchronized-Data." 2019-09-19 15:01:17 +00:00			`}`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			`"value": "The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.1.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Template injection"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
"-Synchronized-Data." 2019-09-19 15:01:17 +00:00			`"url": "https://jira.atlassian.com/browse/JRASERVER-69933",`
			`"refsource": "MISC",`
			`"name": "https://jira.atlassian.com/browse/JRASERVER-69933"`
"-Synchronized-Data." 2019-09-25 13:01:06 +00:00			`},`
			`{`
			`"refsource": "BUGTRAQ",`
			`"name": "20190925 Jira Security Advisory - 2019-09-18 - CVE-2019-15001",`
			`"url": "https://seclists.org/bugtraq/2019/Sep/42"`
"-Synchronized-Data." 2019-09-25 20:01:00 +00:00			`},`
			`{`
			`"refsource": "MISC",`
			`"name": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html",`
			`"url": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html"`
Add CVE-2019-14994 CVE-2019-15000 CVE-2019-15001 2019-09-19 09:29:57 +10:00			`}`
			`]`
			`}`
Revert the version range changes. 2019-12-11 12:39:06 +11:00			`}`