Detections
Analytics
Atlassian JIRA < 5.0.1 XML Parsing DoS
medium Nessus Plugin ID 59329
Language:
Synopsis
The remote web server hosts a web application that is potentially affected by a denial of service vulnerability.Description
According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is prior to 5.0.1. It is, therefore, potentially affected by an XML parsing flaw due to improper restrictions on the capabilities of third-party parsers. A remote, authenticated attacker can exploit this to perform a denial of service attack against JIRA.The Tempo and Gliffy plugins for JIRA are also affected by this vulnerability; however, Nessus did not confirm that these plugins are installed. If you are using these plugins with any version of JIRA, you should upgrade or disable them.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to JIRA 5.0.1 or later, and upgrade or disable the Tempo and Gliffy plugins.See Also
Plugin Details
Severity: Medium
ID: 59329
File Name: jira_5_0_1.nasl
Version: 1.18
Type: remote
Family: CGI abuses
Published: 6/1/2012
Updated: 6/5/2024
Configuration: Enable paranoid mode, Enable thorough checks
Supported Sensors: Nessus
Enable CGI Scanning: true
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS Score Source: CVE-2012-2928
Vulnerability Information
CPE: cpe:/a:atlassian:jira
Required KB Items: Settings/ParanoidReport, installed_sw/Atlassian JIRA
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/17/2012
Vulnerability Publication Date: 5/17/2012
Reference Information
CVE: CVE-2012-2926, CVE-2012-2927, CVE-2012-2928
BID: 53595