The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check.

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.4, 8.0.0 prior to 8.0.4 or 8.1.0 prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities:

- A vulnerability which permits remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource without needing to re-authenticate via a improper access control flaw (CVE-2019-8443).

- A vulnerability which permits remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check in the CachingResourceDownloadRewriteRule class (CVE-2019-8442).

- A vulnerability in the /rest/api/2/user/picker rest resource which permits allows remote attackers to enumerate usernames via an incorrect authorisation check(CVE-2019-3403).

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

The instance of Atlassian Jira hosted on the remote web server is affected by a directory traversal vulnerability in CachingResourceDownloadRewriteRule class due to an improper path access restriction. An unauthenticated, remote attacker can exploit this, by sending a specially crafted HTTP request, to disclose sensitive information which may aid in further attacks.

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is potentially affected by multiple vulnerabilities:

  - A directory traversal vulnerability exists in the CachingResourceDownloadRewriteRule class due to an     ineffective path access check. An unauthenticated, remote attacker can exploit this, by accessing files in     the Jira webroot under the META-INF. (CVE-2019-8442)

  - An authentication bypass vulnerability exists in the ViewUpgrades resource due to an improper access     control. An unauthenticated, remote attacker can exploit this, to bypass WebSudo authentication and access     the ViewUpgrades administrative resource. (CVE-2019-8443)

ID	Name	Product	Family	Severity
113783	Atlassian Jira 8.1.0 < 8.1.1 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	high
113782	Atlassian Jira 8.0.0 < 8.0.4 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	high
113781	Atlassian Jira 7.13.0 < 7.13.4 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	high
130278	Atlassian Jira Webroot Directory Traversal Vulnerability	Nessus	CGI abuses	high
125629	Atlassian Jira 7.13.x < 7.13.4, 8.0.x < 8.0.4, 8.1.x < 8.1.1 Multiple Vulnerabilities	Nessus	CGI abuses	high

Detections

Analytics

CVE-2019-8442

high

Tenable Plugins

high

high

high

high

high