
Atlassian Crowd - Remote Code Execution (CVE-2019-11580)

Severity (CVSSv3 score): 9.8
Exploitable with Sniper: Yes
Vulnerability description

Atlassian Crowd is affected by a Remote Code Execution vulnerability. The root cause is that the pdkinstall development plugin is incorrectly left enabled. This allows a specially crafted request to install an arbitrary plugin via the Upload Plugin endpoint (POST /crowd/admin/uploadplugin.action). An attacker can install a plugin containing a webshell, which is then served from the /crowd/plugins/servlet endpoint of Crowd and allows Remote Code Execution.
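The two request paths named above are also what a defender can watch for in web server or reverse-proxy access logs. The following is an added detection example, not code from Pentest-Tools.com or from Atlassian: it parses Combined Log Format lines (an assumption; adapt the regular expression to your proxy or Tomcat access-log layout), flags every POST to /crowd/admin/uploadplugin.action, and only reports a hit on /crowd/plugins/servlet/ when the same client IP previously posted to the upload endpoint, since legitimate plugins also serve content under that prefix. The sample log lines are constructed.

```python
import re
from collections import defaultdict

# Combined Log Format: ip ident user [timestamp] "METHOD path proto" status size
# (assumed layout; adjust for your proxy or Tomcat access-log pattern)
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

UPLOAD_ENDPOINT = "/crowd/admin/uploadplugin.action"   # pdkinstall upload endpoint from the advisory
SERVLET_PREFIX = "/crowd/plugins/servlet/"              # where an installed plugin's servlets are served


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    # Drop the query string so path comparison is exact.
    rec["path"] = rec["path"].split("?", 1)[0]
    return rec


def find_plugin_abuse(lines):
    """Return a list of findings in log order.

    kind == "plugin_upload":        POST to the uploadplugin.action endpoint (any status)
    kind == "servlet_after_upload": request under /crowd/plugins/servlet/ from an IP
                                    that already posted to the upload endpoint
    """
    uploads_by_ip = defaultdict(list)
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["method"] == "POST" and rec["path"] == UPLOAD_ENDPOINT:
            uploads_by_ip[rec["ip"]].append(rec["ts"])
            findings.append({"kind": "plugin_upload", "ip": rec["ip"],
                             "ts": rec["ts"], "status": rec["status"]})
        elif rec["path"].startswith(SERVLET_PREFIX) and rec["ip"] in uploads_by_ip:
            findings.append({"kind": "servlet_after_upload", "ip": rec["ip"],
                             "ts": rec["ts"], "path": rec["path"],
                             "status": rec["status"]})
    return findings


# Constructed sample log: one client uploads a plugin and then hits a servlet,
# another client only browses a plugin servlet (benign, must not be flagged).
SAMPLE_LOG = """\
203.0.113.10 - - [05/Jun/2019:10:14:02 +0000] "GET /crowd/console/login.action HTTP/1.1" 200 5120
203.0.113.10 - - [05/Jun/2019:10:14:05 +0000] "POST /crowd/admin/uploadplugin.action HTTP/1.1" 200 312
203.0.113.10 - - [05/Jun/2019:10:14:09 +0000] "GET /crowd/plugins/servlet/example-page HTTP/1.1" 200 88
192.0.2.44 - - [05/Jun/2019:10:15:00 +0000] "GET /crowd/plugins/servlet/some-plugin-page HTTP/1.1" 200 40
198.51.100.7 - - [05/Jun/2019:10:15:30 +0000] "GET /crowd/rest/usermanagement/1/user?username=alice HTTP/1.1" 401 120
"""

if __name__ == "__main__":
    for f in find_plugin_abuse(SAMPLE_LOG.splitlines()):
        print(f)
```

Any POST to the upload endpoint is worth an alert on its own on a patched or unpatched instance, because the endpoint should never see traffic in normal operation; the servlet correlation is there to rank which upload attempts were followed by use of the installed plugin.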

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Risk description

The risk exists that a remote unauthenticated attacker can fully compromise the server in order to steal confidential information, install ransomware, or pivot to the internal network.

Recommendation

Upgrade Atlassian Crowd to the latest version.

Detectable with: Network Scanner
Vuln date: Jun 2019
Published at:
Updated at:
Software Type: Web framework
Vendor: Atlassian
Product: Crowd
Codename: Not available