CVE-2020-36239

Summary

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 exposed a Ehcache RMI network service which attackers, who can connect to the service, on port 40001 and potentially 40011[0][1], could execute arbitrary code of their choice in Jira through deserialization due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. [0] In Jira Data Center, Jira Core Data Center, and Jira Software Data Center versions prior to 7.13.1, the Ehcache object port can be randomly allocated. [1] In Jira Service Management Data Center versions prior to 3.16.1, the Ehcache object port can be randomly allocated.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Data Center6.3.0 < unspecifiedaffected
AtlassianJira Data Centerunspecified < 8.5.16affected
AtlassianJira Data Center8.6.0 < unspecifiedaffected
AtlassianJira Data Centerunspecified < 8.13.8affected
AtlassianJira Data Center8.14.0 < unspecifiedaffected
AtlassianJira Data Centerunspecified < 8.17.0affected
AtlassianJira Core Data Center6.3.0 < unspecifiedaffected
AtlassianJira Core Data Centerunspecified < 8.5.16affected
AtlassianJira Core Data Center8.6.0 < unspecifiedaffected
AtlassianJira Core Data Centerunspecified < 8.13.8affected
AtlassianJira Core Data Center8.14.0 < unspecifiedaffected
AtlassianJira Core Data Centerunspecified < 8.17.0affected
AtlassianJira Software Data Center6.3.0 < unspecifiedaffected
AtlassianJira Software Data Centerunspecified < 8.5.16affected
AtlassianJira Software Data Center8.6.0 < unspecifiedaffected
AtlassianJira Software Data Centerunspecified < 8.13.8affected
AtlassianJira Software Data Center8.14.0 < unspecifiedaffected
AtlassianJira Software Data Centerunspecified < 8.17.0affected
AtlassianJira Service Management Data Center2.0.2 < unspecifiedaffected
AtlassianJira Service Management Data Centerunspecified < 4.5.16affected
AtlassianJira Service Management Data Center4.6.0 < unspecifiedaffected
AtlassianJira Service Management Data Centerunspecified < 4.13.8affected
AtlassianJira Service Management Data Center4.14.0 < unspecifiedaffected
AtlassianJira Service Management Data Centerunspecified < 4.17.0affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References