CVE-2019-15001
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-15001
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Atlassian JIRA Server和Data Center Jira Importers Plugin 代码注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Atlassian JIRA Server和Atlassian JIRA Data Center都是澳大利亚Atlassian(Atlassian)公司的产品。Atlassian JIRA Server是一套缺陷跟踪管理系统的服务器版本。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。Atlassian JIRA Data Center是Atlassian JIRA的数据中心版本。Jira Importers Plugin(JIM)是其中的一个文件/数据导入插件。 Atlassian JIRA Serv
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Atlassian | Jira Server | 7.0.10 ~ unspecified | - | |
| Atlassian | Jira Data Center | 7.0.10 ~ unspecified | - |
II. Public POCs for CVE-2019-15001
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-15001
请登录查看更多情报信息。
- https://jira.atlassian.com/browse/JRASERVER-69933x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2019-15001
Same Patch Batch · Atlassian · 2019-09-19 · 3 CVEs total
| CVE-2019-14994 | Atlassian Jira Service Desk Server和Atlassian Jira Service Desk Data Center Customer Contex | |
| CVE-2019-15000 | Atlassian Bitbucket Server和Atlassian Bitbucket Data Center 操作系统命令注入漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2019-15001
No comments yet