HTTP: Atlassian JIRA Directory Traversal
This signature detects attempts to exploit a known vulnerability in Atlassian JIRA. The vulnerability is due to lack of input validation when processing user supplied data. Successful exploitation could lead to command injection and execution in security context of the JIRA service.
Extended Description
Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors.
References
BugTraq: 65849
CVE: CVE-2014-2314
URL: https://confluence.atlassian.com/display/jira/jira+security+advisory+2014-02-26
Short Name
HTTP:ATLASIAN-JIRA-DIR-TRAVER
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Atlassian CVE-2014-2314 Directory JIRA Traversal bid:65849
Release Date
09/05/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
CVSS Score
4.3