Atlassian JIRA 4.1.x < 4.1.2 Multiple Vulnerabilities

medium Nessus Plugin ID 47114

Synopsis

The remote web server hosts a web application that is potentially affected by multiple vulnerabilities.

Description

According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is 4.1.x prior to 4.1.2. It is, therefore, potentially affected by multiple vulnerabilities :

- Multiple cross-site scripting vulnerabilities exit involving the URL query string passed to unspecified scripts.

- In the standalone distribution, cookies are not stored with the 'HttpOnly' option set.

- Users without 'JIRA Users' permission can login via crowd single sign on.

- There is a cross-site request forgery vulnerability involving the 'Logout' action.

- Unspecified vulnerabilities exists related to Bamboo and and FishEye when these plugins are enabled in JIRA.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Atlassian JIRA 4.1.2 or later.

See Also

http://www.nessus.org/u?67275f10

Plugin Details

Severity: Medium

ID: 47114

File Name: jira_4_1_2.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 6/22/2010

Updated: 6/5/2024

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:atlassian:jira

Required KB Items: Settings/ParanoidReport, installed_sw/Atlassian JIRA

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Patch Publication Date: 6/18/2010

Vulnerability Publication Date: 6/18/2010

Reference Information

BID: 40950, 40953

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

SECUNIA: 40212