QID 379149

QID 379149: Atlassian Jira Service Management Server and Data Center Remote Code Execution (RCE) Vulnerability (JSDSERVER-14906)

Jira Service Management is Atlassian's service management solution for all teams.

CVE-2022-1471: Multiple Atlassian Data Center and Server Products use the SnakeYAML library for Java, which is susceptible to a deserialization flaw that can lead to RCE (Remote Code Execution).

Affected Versions:
Jira Service Management Data Center and Server 5.4.0 prior to v5.4.14
Jira Service Management Data Center and Server 5.5.x
Jira Service Management Data Center and Server 5.6.x
Jira Service Management Data Center and Server 5.7.x
Jira Service Management Data Center and Server 5.8.x
Jira Service Management Data Center and Server 5.9.x
Jira Service Management Data Center and Server 5.10.x
Jira Service Management Data Center and Server 5.11.x prior to 5.11.2

Note: Detection is flagged as potential because the check currently cannot verify the Automation for Jira (A4J) app or the Universal Plugin Manager (UPM) on the host, so it cannot confirm whether the A4J app has already been upgraded to a fixed version.

QID Detection Logic (Authenticated):
Linux: This QID checks for an installed vulnerable version of Atlassian Jira Service Management (formerly named Jira Service Desk) using the ps command.
Windows: This QID checks for an installed vulnerable version of Atlassian Jira Service Management (formerly named Jira Service Desk) using the Uninstall string under HKLM\SOFTWARE.
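As an added example (not Qualys's detection code), the following encodes the affected-version ranges listed above so that a product version string already collected from a host can be classified; it assumes the version string was obtained separately (ps output on Linux, the Uninstall string on Windows) and, like the QID itself, does not inspect the A4J app version.

```python
# Added example: classify a Jira Service Management version string against the
# affected ranges listed in this QID. Not Qualys's own detection logic; the
# version is assumed to have been collected from the host beforehand.
import re
from typing import Dict, Iterable, Optional, Tuple

Version = Tuple[int, int, int]

# (lower bound inclusive, upper bound exclusive), mirroring the page's list.
AFFECTED_RANGES = [
    ((5, 4, 0), (5, 4, 14)),   # 5.4.0 up to, but excluding, 5.4.14
    ((5, 5, 0), (5, 11, 0)),   # every 5.5.x through 5.10.x release
    ((5, 11, 0), (5, 11, 2)),  # 5.11.x prior to 5.11.2
]

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> Optional[Version]:
    """Turn '5.4.13' (or '5.4.13-x64', '5.5') into a comparable tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or "0"))


def is_affected(version: str) -> bool:
    """True if the version falls inside any range listed in this QID."""
    v = parse_version(version)
    if v is None:
        raise ValueError(f"unparseable version string: {version!r}")
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def classify(inventory: Iterable[Tuple[str, str]]) -> Dict[str, bool]:
    """Map hostname -> affected flag for (hostname, version) pairs."""
    return {host: is_affected(ver) for host, ver in inventory}


# Constructed sample inventory (hypothetical hostnames, not real hosts).
SAMPLE_INVENTORY = [
    ("jsm-prod-01", "5.4.13"),  # affected: 5.4.x before 5.4.14
    ("jsm-prod-02", "5.4.14"),  # fixed
    ("jsm-test-01", "5.8.1"),   # affected: whole 5.8.x series
    ("jsm-test-02", "5.11.1"),  # affected: 5.11.x before 5.11.2
    ("jsm-test-03", "5.11.2"),  # fixed
    ("jsm-old-01", "4.22.6"),   # outside the listed ranges
]

if __name__ == "__main__":
    for host, flagged in classify(SAMPLE_INVENTORY).items():
        print(f"{host}: {'AFFECTED' if flagged else 'not in listed ranges'}")
```

A host reported as not affected here still needs its A4J app version confirmed through UPM, since that is the component the workaround actually fixes.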

Successful exploitation of this vulnerability allows an unauthenticated attacker to execute code remotely, which may aid further attacks and threats.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution
    Customers are advised to refer to JSDSERVER-14906 for updates pertaining to this vulnerability.
    Workaround:
    If you are unable to upgrade your product instance to a fixed version, you can completely mitigate this vulnerability by upgrading the Automation for Jira (A4J) app to a fixed version via the Universal Plugin Manager (UPM).

    Vendor References

    CVEs related to QID 379149
    CVE-2022-1471

    Software Advisories
    Advisory ID: JSDSERVER-14906
    Link: jira.atlassian.com/browse/JSDSERVER-14906