Short Name |
HTTP:ATLASIAN-JIRA-DIR-TRAVER |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Atlassian JIRA Directory Traversal |
Release Date |
2014/09/05 |
Update Number |
2416 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Atlassian JIRA. The vulnerability is due to lack of input validation when processing user supplied data. Successful exploitation could lead to command injection and execution in security context of the JIRA service.
Per: https://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2014-02-26 "Issue 1: Path traversal in JIRA Issue Collector plugin (Windows only)"