SynopsisThe remote web server hosts a web application that is affected by a DLL Hijacking Vulnerability.
DescriptionAccording to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 8.3.x prior to 8.5.2. It is, therefore, affected by a DLL hijacking vulnerability. The usage of Tomcat in Jira allows local attackers with permission to write a DLL file to a directory in the global path environmental variable, to inject code via a DLL hijacking vulnerability.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Atlassian Jira version 8.5.2, 8.6.0 or later