CVE-2021-43947 - OpenCVE

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Atlassian	Jira Server Jira Data Center Data Center Jira

Configuration 1 [-]

OR	cpe:2.3:a:atlassian:data_center::::::::
	cpe:2.3:a:atlassian:jira::::::::
	cpe:2.3:a:atlassian:jira_data_center::::::::
	cpe:2.3:a:atlassian:jira_server::::::::

References

Link	Resource
https://jira.atlassian.com/browse/JRASERVER-73067	Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: atlassian

Published: 2022-01-05T00:00:00

Updated: 2022-01-06T01:05:09

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-43947

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-01-06T01:15:07.917

Modified: 2022-03-30T13:29:49.470

Link: CVE-2021-43947

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Jira Server", "vendor": "Atlassian", "versions": [{"lessThan": "8.13.15", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "affected", "version": "8.14.0", "versionType": "custom"}, {"lessThan": "8.20.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Jira Data Center", "vendor": "Atlassian", "versions": [{"lessThan": "8.13.15", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "affected", "version": "8.14.0", "versionType": "custom"}, {"lessThan": "8.20.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2022-01-05T00:00:00", "descriptions": [{"lang": "en", "value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3."}], "problemTypes": [{"descriptions": [{"description": "Remote Code Execution (RCE)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-01-06T01:05:09", "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "shortName": "atlassian"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://jira.atlassian.com/browse/JRASERVER-73067"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@atlassian.com", "DATE_PUBLIC": "2022-01-05T00:00:00", "ID": "CVE-2021-43947", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jira Server", "version": {"version_data": [{"version_affected": "<", "version_value": "8.13.15"}, {"version_affected": ">=", "version_value": "8.14.0"}, {"version_affected": "<", "version_value": "8.20.3"}]}}, {"product_name": "Jira Data Center", "version": {"version_data": [{"version_affected": "<", "version_value": "8.13.15"}, {"version_affected": ">=", "version_value": "8.14.0"}, {"version_affected": "<", "version_value": "8.20.3"}]}}]}, "vendor_name": "Atlassian"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote Code Execution (RCE)"}]}]}, "references": {"reference_data": [{"name": "https://jira.atlassian.com/browse/JRASERVER-73067", "refsource": "MISC", "url": "https://jira.atlassian.com/browse/JRASERVER-73067"}]}}}}, "cveMetadata": {"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "assignerShortName": "atlassian", "cveId": "CVE-2021-43947", "datePublished": "2022-01-05T00:00:00", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2022-01-06T01:05:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CCE06B7-9446-49F4-8B23-4544506E5143", "versionEndExcluding": "8.13.15", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFC89A4F-566E-4CF3-962C-5F0985A2A9BF", "versionEndExcluding": "8.13.15", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDD3421F-7C67-4A9E-BAE2-1FD74F921BB9", "versionEndExcluding": "8.20.3", "versionStartIncluding": "8.14.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "9025C857-EC16-431D-B3F9-4F10BE17C8A4", "versionEndExcluding": "8.20.3", "versionStartIncluding": "8.14.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3."}, {"lang": "es", "value": "Las versiones afectadas de Atlassian Jira Server y Data Center permiten a atacantes remotos con privilegios de administrador ejecutar c\u00f3digo arbitrario por medio de una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota (RCE) en la funcionalidad Email Templates. Este problema evita la correcci\u00f3n de https://jira.atlassian.com/browse/JSDSERVER-8665. Las versiones afectadas son anteriores a versi\u00f3n 8.13.15, y desde versi\u00f3n 8.14.0 hasta 8.20.3."}], "id": "CVE-2021-43947", "lastModified": "2022-03-30T13:29:49.470", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-01-06T01:15:07.917", "references": [{"source": "security@atlassian.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/JRASERVER-73067"}], "sourceIdentifier": "security@atlassian.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}