admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/15xxx/CVE-2019-15001.json
David Black ccad58af3a Revert the version range changes.
2019-12-11 12:39:06 +11:00

174 lines
8.0 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-09-18T00:00:00",
"ID": "CVE-2019-15001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlassian",
"product": {
"product_data": [
{
"product_name": "Jira Server",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_value": "7.0.10"
},
{
"version_affected": "<",
"version_value": "7.6.16"
},
{
"version_affected": ">=",
"version_value": "7.7.0"
},
{
"version_affected": "<",
"version_value": "7.13.8"
},
{
"version_affected": ">=",
"version_value": "8.1.0"
},
{
"version_affected": "<",
"version_value": "8.1.3"
},
{
"version_affected": ">=",
"version_value": "8.2.0"
},
{
"version_affected": "<",
"version_value": "8.2.5"
},
{
"version_affected": ">=",
"version_value": "8.3.0"
},
{
"version_affected": "<",
"version_value": "8.3.4"
},
{
"version_affected": ">=",
"version_value": "8.4.0"
},
{
"version_affected": "<",
"version_value": "8.4.1"
}
]
}
},
{
"product_name": "Jira Data Center",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_value": "7.0.10"
},
{
"version_affected": "<",
"version_value": "7.6.16"
},
{
"version_affected": ">=",
"version_value": "7.7.0"
},
{
"version_affected": "<",
"version_value": "7.13.8"
},
{
"version_affected": ">=",
"version_value": "8.1.0"
},
{
"version_affected": "<",
"version_value": "8.1.3"
},
{
"version_affected": ">=",
"version_value": "8.2.0"
},
{
"version_affected": "<",
"version_value": "8.2.5"
},
{
"version_affected": ">=",
"version_value": "8.3.0"
},
{
"version_affected": "<",
"version_value": "8.3.4"
},
{
"version_affected": ">=",
"version_value": "8.4.0"
},
{
"version_affected": "<",
"version_value": "8.4.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.1.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Template injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-69933",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-69933"
},
{
"refsource": "BUGTRAQ",
"name": "20190925 Jira Security Advisory - 2019-09-18 - CVE-2019-15001",
"url": "https://seclists.org/bugtraq/2019/Sep/42"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html",
"url": "http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink