Vulnerability Details : CVE-2019-11580
Public exploit exists!
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x), from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability.
Vulnerability category: Execute code
Products affected by CVE-2019-11580
- cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*
CVE-2019-11580 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2019-11580
Added on
2021-11-03
Action due date
2022-05-03
Exploit prediction scoring system (EPSS) score for CVE-2019-11580
EPSS score: 97.47% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~100% (the proportion of vulnerabilities scored at or below this score)
Metasploit modules for CVE-2019-11580
- Atlassian Crowd pdkinstall Unauthenticated Plugin Upload RCE
  Disclosure Date: 2019-05-22
  First seen: 2022-12-23
  Module: exploit/multi/http/atlassian_crowd_pdkinstall_plugin_upload_rce
  This module can be used to upload a plugin on Atlassian Cloud via the pdkinstall development plugin as an unauthenticated attacker. The payload is uploaded as a JAR archive containing a servlet using a POST request to /crowd/admin/uploadplugin.action. The che
CVSS scores for CVE-2019-11580
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
References for CVE-2019-11580
- http://packetstormsecurity.com/files/163810/Atlassian-Crowd-pdkinstall-Remote-Code-Execution.html
  Atlassian Crowd pdkinstall Remote Code Execution ≈ Packet Storm (Exploit; Third Party Advisory; VDB Entry)
- https://jira.atlassian.com/browse/CWD-5388
  [CWD-5388] Crowd - pdkinstall development plugin incorrectly enabled - CVE-2019-11580 (Mitigation; Issue Tracking; Vendor Advisory)
- http://www.securityfocus.com/bid/108637
  Atlassian Crowd and Crowd Data Center CVE-2019-11580 Remote Code Execution Vulnerability (Broken Link)