CVE-2017-5983
Severity: CRITICAL (Nuclei template available)
Atlassian JIRA Server < 6.3.0 - Remote Code Execution via XML Parser Deserialization
Title source: LLM exploitation summary
CVE-2017-5983 has a Nuclei detection template available; see the Nuclei Templates section below for the Shodan/FOFA recon queries.
Description
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
Nuclei Templates (1)
JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)
Severity: CRITICAL, VERIFIED
Authors: us3r777, Synacktiv
Shodan query:
http.title:"system dashboard - jira" || cpe:"cpe:2.3:a:atlassian:jira" || http.component:"atlassian confluence" || http.component:"atlassian jira"
References (5)
Core References (5)
Vendor Advisory (x_refsource_confirm): https://jira.atlassian.com/browse/JRASERVER-64077
Third Party Advisory, US Government Resource, VDB Entry (third-party-advisory, x_refsource_cert-vn): https://www.kb.cert.org/vuls/id/307983
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/97379
Technical Description (x_refsource_misc): http://codewhitesec.blogspot.com/2017/04/amf.html
Vendor Advisory (x_refsource_confirm): https://confluence.atlassian.com/jira063/jira-security-advisory-2017-03-09-875604401.html
Scores
CVSS v3: 9.8
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.0430
EPSS Percentile: 89.0%
Attack Vector: NETWORK
Details
CWE: CWE-502 (Deserialization of Untrusted Data)
Status: published
Products (50)
atlassian/jira, affected versions: 4.2.4, 4.3, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4, 4.4.1, 4.4.2, 4.4.3
... and 40 more
Published: Apr 10, 2017
Tracked Since: Feb 18, 2026