CVE-2017-18113 - OpenCVE

Vendors	Products
Atlassian	Data Center Jira

Link	Resource
https://jira.atlassian.com/browse/JRASERVER-72660	Issue Tracking Vendor Advisory

{"containers": {"cna": {"affected": [{"product": "Jira Server", "vendor": "Atlassian", "versions": [{"lessThan": "8.18.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Jira Data Center", "vendor": "Atlassian", "versions": [{"lessThan": "8.18.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2021-08-02T00:00:00", "descriptions": [{"lang": "en", "value": "The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability. The vulnerability allowed for various problematic OSWorkflow classes to be used as part of workflows. The fix for this issue blocks usage of unsafe conditions, validators, functions and registers that are build-in into OSWorkflow library and other Jira dependencies. Atlassian-made functions or functions provided by 3rd party plugins are not affected by this fix."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-02T02:35:10", "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "shortName": "atlassian"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://jira.atlassian.com/browse/JRASERVER-72660"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@atlassian.com", "DATE_PUBLIC": "2021-08-02T00:00:00", "ID": "CVE-2017-18113", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jira Server", "version": {"version_data": [{"version_affected": "<", "version_value": "8.18.1"}]}}, {"product_name": "Jira Data Center", "version": {"version_data": [{"version_affected": "<", "version_value": "8.18.1"}]}}]}, "vendor_name": "Atlassian"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability. The vulnerability allowed for various problematic OSWorkflow classes to be used as part of workflows. The fix for this issue blocks usage of unsafe conditions, validators, functions and registers that are build-in into OSWorkflow library and other Jira dependencies. Atlassian-made functions or functions provided by 3rd party plugins are not affected by this fix."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}]}, "references": {"reference_data": [{"name": "https://jira.atlassian.com/browse/JRASERVER-72660", "refsource": "MISC", "url": "https://jira.atlassian.com/browse/JRASERVER-72660"}]}}}}, "cveMetadata": {"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "assignerShortName": "atlassian", "cveId": "CVE-2017-18113", "datePublished": "2021-08-02T00:00:00", "dateReserved": "2018-02-01T00:00:00", "dateUpdated": "2021-08-02T02:35:10", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EFBCA0F-3598-4FA9-A01E-3594BAE5FD47", "versionEndExcluding": "8.18.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*", "matchCriteriaId": "4270229A-3AB3-4A4E-B858-2FFE46D9A615", "versionEndExcluding": "8.18.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability. The vulnerability allowed for various problematic OSWorkflow classes to be used as part of workflows. The fix for this issue blocks usage of unsafe conditions, validators, functions and registers that are build-in into OSWorkflow library and other Jira dependencies. Atlassian-made functions or functions provided by 3rd party plugins are not affected by this fix."}, {"lang": "es", "value": "La clase DefaultOSWorkflowConfigurator en Jira Server y Jira Data Center versiones anteriores a 8.18.1, permite a atacantes remotos que pueden enga\u00f1ar a un administrador del sistema para importar su workflow malicioso para ejecutar c\u00f3digo arbitrario a trav\u00e9s de una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota (RCE). La vulnerabilidad permiti\u00f3 que varias clases problem\u00e1ticas de OSWorkflow sean usadas como parte de los workflows. La soluci\u00f3n para este problema bloquea el uso de condiciones, comprobadores, funciones y registros no seguros que est\u00e1n integrados en la biblioteca OSWorkflow y otras dependencias de Jira. Las funciones creadas por Atlassian o las funciones proporcionadas por complementos de terceros no est\u00e1n afectadas por esta correcci\u00f3n"}], "id": "CVE-2017-18113", "lastModified": "2021-08-10T13:51:45.267", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-08-02T03:15:07.110", "references": [{"source": "security@atlassian.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/JRASERVER-72660"}], "sourceIdentifier": "security@atlassian.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "security@atlassian.com", "type": "Secondary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

JSON object

JSON object

JSON object