The icon-uri servlet allows arbitrary HTTP requests to be proxied - CVE-2017-9506

Description

The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF): the servlet fetches an attacker-supplied URL on the server's behalf and returns the response. When running in an environment like Amazon EC2, this flaw can be used to reach the instance metadata endpoint, which provides access credentials and other potentially confidential information.

Environment

None

Testing Notes

None

Activity

David Black
May 30, 2017, 11:58 PM

CVSS v3 score: 6.1 => Medium severity

Exploitability Metrics: Attack Vector: Network; Attack Complexity: Low; Privileges Required: None; User Interaction: Required

Scope Metric: Scope: Changed

Impact Metrics: Confidentiality: Low; Integrity: Low; Availability: None

Vincent Kopa - Ovyka
November 13, 2020, 4:49 PM

Hello, is there a version matrix for this component vs. Jira & Confluence versions?

David Black
November 15, 2020, 11:05 PM
Vincent Kopa - Ovyka
November 16, 2020, 12:02 AM

Hi David, thanks a lot, the “new view” in Jira Cloud doesn’t show external links yet…

Assignee

Petro Semeniuk

Reporter

David Black

Fix versions

Affects versions

Priority

Major