Atlassian Crowd and Crowd Data Center shipped release builds with the pdkinstall development plugin incorrectly enabled. An attacker who can send requests to a Crowd or Crowd Data Center instance, authenticated or not, can use this plugin to install arbitrary plugins, which gives remote code execution on any system running a vulnerable version. The affected release lines and the first fixed version of each are:

  • 2.1.0 up to, but not including, 3.0.5 (the fix for the 3.0.x line; every 2.x release from 2.1.0 onward is in this range)
  • 3.1.0 up to, but not including, 3.1.6
  • 3.2.0 up to, but not including, 3.2.8
  • 3.3.0 up to, but not including, 3.3.5
  • 3.4.0 up to, but not including, 3.4.4
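The version ranges above are easy to misread at the boundaries (2.1.0 through 3.0.4 is one range, and each later line is fixed at a different patch level), so here is an added example, not code from the page or from Atlassian, that encodes exactly those ranges and answers "is this build affected, and what is the first fixed release on its line". The version-string format it accepts (an optional leading "v", a dotted numeric prefix, any trailing tag ignored) is an assumption for the example.

```python
"""Affected-range check for CVE-2019-11580 (Atlassian Crowd / Crowd Data Center).

Added example, not vendor code. AFFECTED_RANGES transcribes the advisory's
version ranges: each entry is (first affected, first fixed) for one release
line, with the fixed version excluded.
"""
import re

AFFECTED_RANGES = [
    ((2, 1, 0), (3, 0, 5)),   # 2.1.0 ... 3.0.4, i.e. all of 2.x from 2.1.0 plus 3.0.0-3.0.4
    ((3, 1, 0), (3, 1, 6)),   # 3.1.0 ... 3.1.5
    ((3, 2, 0), (3, 2, 8)),   # 3.2.0 ... 3.2.7
    ((3, 3, 0), (3, 3, 5)),   # 3.3.0 ... 3.3.4
    ((3, 4, 0), (3, 4, 4)),   # 3.4.0 ... 3.4.3
]

# Assumed input format: optional "v", then a dotted numeric prefix ("3.4.3",
# "3.4", "v3.0.4-rc1"). Anything after the numeric prefix is ignored.
_VERSION_RE = re.compile(r"^\s*v?(\d+(?:\.\d+)*)")


def parse_version(text):
    """Turn a version string into a comparable 3-tuple, e.g. '3.4' -> (3, 4, 0).

    Trailing tags are dropped, so a pre-release carrying a fixed version
    number is reported as fixed; compare the exact vendor build if that matters.
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return (parts + (0, 0, 0))[:3]


def fixed_version_for(version):
    """Return the first fixed release on the same line, or None if not affected."""
    v = parse_version(version)
    for first_affected, first_fixed in AFFECTED_RANGES:
        if first_affected <= v < first_fixed:
            return ".".join(str(n) for n in first_fixed)
    return None


def is_affected(version):
    """True when the version falls inside any advisory range."""
    return fixed_version_for(version) is not None


if __name__ == "__main__":
    for v in ["2.0.9", "2.1.0", "3.0.4", "3.0.5", "3.2.7", "3.4.3", "3.4.4", "3.5.0"]:
        fix = fixed_version_for(v)
        print(f"{v:>7}: {'AFFECTED, upgrade to ' + fix if fix else 'not affected'}")
```

Run it against the version string reported by the Crowd admin console or the installed package; the half-open comparison (`first_affected <= v < first_fixed`) is what makes 3.0.5 fixed while 3.0.4 is not.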
Published 2019-06-03 14:29:00
Updated 2022-04-19 15:36:02
Source Atlassian
Vulnerability category: Execute code

Products affected by CVE-2019-11580

CVE-2019-11580 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2019-11580
Added on 2021-11-03 Action due date 2022-05-03

Exploit prediction scoring system (EPSS) score for CVE-2019-11580

EPSS score: 97.47% (estimated probability of exploitation activity in the next 30 days)
Percentile: ~100% (proportion of all scored vulnerabilities with an EPSS score at or below this one)

Metasploit modules for CVE-2019-11580

  • Atlassian Crowd pdkinstall Unauthenticated Plugin Upload RCE
    Disclosure Date: 2019-05-22
    First seen: 2022-12-23
    exploit/multi/http/atlassian_crowd_pdkinstall_plugin_upload_rce
    This module can be used to upload a plugin on Atlassian Crowd via the pdkinstall development plugin as an unauthenticated attacker. The payload is uploaded as a JAR archive containing a servlet using a POST request to /crowd/admin/uploadplugin.action. The che
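The module description names the one request that matters for detection: a POST to the pdkinstall upload action. The following added example (not part of the page or of the Metasploit module) sweeps web-server access logs in Apache/NGINX combined format for that request and reports each attempt with its source, timestamp, status code and whether the server accepted it. The log lines are constructed for the example; matching on the path suffix `/admin/uploadplugin.action` rather than the full `/crowd/...` path is an assumption made so that an instance served under a different context path is still caught.

```python
"""Access-log sweep for CVE-2019-11580 exploitation attempts.

Added example, not page or Metasploit code. Flags POST requests to Crowd's
pdkinstall plugin upload action. Assumed log format: Apache/NGINX combined.
"""
import re
from urllib.parse import urlsplit

# Combined log format: ip ident user [ts] "METHOD target PROTO" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# Assumption: match the action by path suffix so a non-default context path still hits.
UPLOAD_ACTION = "/admin/uploadplugin.action"

# Constructed sample lines for the example (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [22/May/2019:10:01:02 +0000] "GET /crowd/console/login.action HTTP/1.1" 200 5121 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [22/May/2019:10:02:15 +0000] "POST /crowd/admin/uploadplugin.action HTTP/1.1" 200 312 "-" "python-requests/2.21.0"',
    '10.0.0.8 - - [22/May/2019:10:05:00 +0000] "POST /crowd/admin/uploadplugin.action?x=1 HTTP/1.1" 403 0 "-" "curl/7.64.0"',
    '10.0.0.9 - - [22/May/2019:10:06:30 +0000] "GET /crowd/admin/uploadplugin.action HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
]


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = urlsplit(rec["target"]).path   # drop any query string before matching
    return rec


def is_upload_attempt(rec):
    """A plugin-upload attempt is a POST whose path ends with the upload action."""
    return rec["method"] == "POST" and rec["path"].lower().endswith(UPLOAD_ACTION)


def find_upload_attempts(lines):
    """Return one finding per upload attempt; 'succeeded' is True for a 2xx/3xx reply.

    A rejected attempt (4xx/5xx) is still worth a look: it shows someone probing
    the endpoint, and the same source may return after the next misconfiguration.
    """
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not is_upload_attempt(rec):
            continue
        findings.append({
            "ip": rec["ip"],
            "time": rec["ts"],
            "status": rec["status"],
            "succeeded": 200 <= rec["status"] < 400,
            "ua": rec["ua"] or "",
        })
    return findings


if __name__ == "__main__":
    for f in find_upload_attempts(SAMPLE_LOG):
        flag = "ACCEPTED" if f["succeeded"] else "rejected"
        print(f"{f['time']}  {f['ip']:<15} {f['status']}  {flag}  {f['ua']}")
```

Feed it the real access log (`find_upload_attempts(open(path))`) and treat an accepted upload as a confirmed compromise until proven otherwise: the JAR installed this way runs inside the Crowd JVM, so patching afterwards does not remove it.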

CVSS scores for CVE-2019-11580

Base Score  Base Severity  CVSS Vector                                    Exploitability Score  Impact Score  Score Source
7.5         HIGH           AV:N/AC:L/Au:N/C:P/I:P/A:P                     10.0                  6.4           NIST
9.8         CRITICAL       CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H   3.9                   5.9           NIST

The first row is a CVSS v2 score and the second CVSS v3.1; the exploitability and impact sub-scores use different scales in the two versions and are not comparable across rows.

References for CVE-2019-11580
