CVE-2019-15001

Description

The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.

Risk Information

Base Score

7.2

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

11.506

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities affected in Atlassian Jira 8.4.0	Windows
Vulnerabilities CVE-2019-15001 are affected in Atlassian Jira Core Data Center 7.13.7	Windows
Vulnerabilities CVE-2019-15001 are affected in Atlassian Jira Core Data Center 7.6.15	Windows
Vulnerabilities CVE-2019-15001 are affected in Atlassian Jira Core Data Center 8.1.2	Windows
Vulnerabilities CVE-2019-15001 are affected in Atlassian Jira Core Data Center 8.2.4	Windows
Vulnerabilities CVE-2019-15001 are affected in Atlassian Jira Core Data Center 8.3.3	Windows
Vulnerabilities CVE-2019-15001 are affected in Atlassian Jira Core Data Center 8.4.0	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234