JIRA.Issues.Collector.Directory.Traversal
Description
This indicates an attack attempt to exploit a Directory Traversal vulnerability in Atlassian JIRA.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when vulnerable module handles crafted request. A remote attacker can exploit this to gain unauthorized access to sensitive information via a crafted request. Also, remote attacker can upload arbitrary files with custom content to vulnerable server, leading to remote code execution.
Affected Products
Jira 6.0.3 or prior
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2014-02-26
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |