CVE-2020-36239
- 特征库ID:
50644
- 漏洞级别:
high
- CVE ID:
CVE-2020-36239
- 建议的动作:
drop
- 受影响的系统:
Windows, Linux, BSD, Solaris, MacOS
- 协议:
攻击漏洞描述
这表明攻击企图利用 Atlassian JIRA 服务管理中的不安全反序列化漏洞。该漏洞是由于缺少对 Ehcache RMI 网络服务的 RMI 方法参数的输入验证。未经身份验证的远程攻击者可以通过 RMI 调用向目标应用程序发送恶意制作的序列化参数来利用此漏洞。成功利用可能会导致在目标系统上以 Web 服务器的权限执行任意代码。
影响范围
Atlassian JIRA 6.3.x
Atlassian JIRA 6.4.x
Atlassian JIRA 7.x.x
Atlassian JIRA 8.0.x
Atlassian JIRA 8.1.x
Atlassian JIRA 8.2.x
Atlassian JIRA 8.3.x
Atlassian JIRA 8.4.x
Atlassian JIRA 8.5.x prior to 8.5.16
Atlassian JIRA 8.6.x
Atlassian JIRA 8.7.x
Atlassian JIRA 8.8.x
Atlassian JIRA 8.9.x
Atlassian JIRA 8.10.x
Atlassian JIRA 8.11.x
Atlassian JIRA 8.12.x
Atlassian JIRA 8.13.x prior to 8.13.8
Atlassian JIRA 8.14.x
Atlassian JIRA 8.15.x
Atlassian JIRA 8.16.x
Atlassian JIRA Service Management 2.x.x after 2.0.2
Atlassian JIRA Service Management 3.x.x
Atlassian JIRA Service Management 4.0.x
Atlassian JIRA Service Management 4.1.x
Atlassian JIRA Service Management 4.2.x
Atlassian JIRA Service Management 4.3.x
Atlassian JIRA Service Management 4.4.x
Atlassian JIRA Service Management 4.5.x prior to 4.5.16
Atlassian JIRA Service Management 4.6.x
Atlassian JIRA Service Management 4.7.x
Atlassian JIRA Service Management 4.8.x
Atlassian JIRA Service Management 4.9.x
Atlassian JIRA Service Management 4.10.x
Atlassian JIRA Service Management 4.11.x
Atlassian JIRA Service Management 4.12.x
Atlassian JIRA Service Management 4.13.x prior to 4.13.8
Atlassian JIRA Service Management 4.14.x
Atlassian JIRA Service Management 4.15.x
Atlassian JIRA Service Management 4.16.x
可能带来的后果
系统被入侵:远程攻击者可以控制易受攻击的系统。
解决办法
应用供应商提供的最新升级或补丁。 https://confluence.atlassian.com/adminjiraserver/jira-data-center-and-jira-service-management-data-center-security-advisory-2021-07-21-1063571388.html