Vulnerabilities > CVE-2017-5983 - Deserialization of Untrusted Data vulnerability in Atlassian Jira
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | CGI abuses |
NASL id | JIRA_6_3.NASL |
description | According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is 4.2.4 or later but prior to 6.3.0. It is, therefore, affected by multiple vulnerabilities in the JIRA Workflow Designer plugin : - A remote code execution vulnerability exists in the Action Message Format (AMF3) deserializer due to deriving class instances from java.io.Externalizable rather than the AMF3 specification |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 100220 |
published | 2017-05-16 |
reporter | This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/100220 |
title | Atlassian JIRA 4.2.4 < 6.3.0 Multiple Vulnerabilities |
code |
|
Seebug
bulletinFamily | exploit |
description | Details reference: https://codewhitesec.blogspot.kr/2017/04/amf.html Some Java implementations of AMF3 deserializers derive class instances from java. io. Externalizable rather than the AMF3 specification's recommendation of a flash. utils. IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized. The reporter has identified the following products and versions as being affected, and CVE IDS have been assigned as follows: \- Atlassian JIRA, versions from 4.2.4 prior to version 6.3.0 - CVE-2017-5983 for \- Flamingo amf-serializer by Exadel, version 2.2.0 - CVE-2017-3201 \- GraniteDS, version 3.1.1. GA - CVE-2017-3199 \- Pivotal/Spring spring-flex - CVE-2017-3203 \- WebORB for Java by Midnight Coders, version 5.1.1.0 - CVE-2017-3207 Products using these libraries may also be impacted. |
id | SSV:92913 |
last seen | 2017-11-19 |
modified | 2017-04-06 |
published | 2017-04-06 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-92913 |
title | AMF3 Java implementations deserialization Vulnerability |
References
- http://codewhitesec.blogspot.com/2017/04/amf.html
- http://codewhitesec.blogspot.com/2017/04/amf.html
- http://www.securityfocus.com/bid/97379
- http://www.securityfocus.com/bid/97379
- https://confluence.atlassian.com/jira063/jira-security-advisory-2017-03-09-875604401.html
- https://confluence.atlassian.com/jira063/jira-security-advisory-2017-03-09-875604401.html
- https://jira.atlassian.com/browse/JRASERVER-64077
- https://jira.atlassian.com/browse/JRASERVER-64077
- https://www.kb.cert.org/vuls/id/307983
- https://www.kb.cert.org/vuls/id/307983