ASA-2019-00459 – Atlassian Crowd: pdkinstall development plugin incorrectly enabled


Allele Security Alert

ASA-2019-00459

Identifier(s)

ASA-2019-00459, CVE-2019-11580

Title

pdkinstall development plugin incorrectly enabled

Vendor(s)

Atlassian

Product(s)

Atlassian Crowd
Atlassian Crowd Data Center

Affected version(s)

Atlassian Crowd versions 2.12.22.3.12.4.12.5.12.6.12.7.12.8.12.9.12.10.12.11.1,
2.12.0 and 3.0.0

Atlassian Crowd Data Center versions 2.1, 2.2, 2.3.1, 2.4.1, 2.5.1, 2.6.1, 2.7.1, 2.8.1, 2.9.1, 2.10.1, 2.11.1, 2.12.0 and 3.0.0

Fixed version(s)

Atlassian Crowd versions 3.0.5, 3.1.6, 3.2.8, 3.3.5 and 3.4.4

Atlassian Crowd Data Center versions 3.0.5, 3.1.6, 3.2.8, 3.3.5 and 3.4.4

Proof of concept

Yes

Description

Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center

Technical details

Unknown

Credits

Unknown

Reference(s)

Crowd Security Advisory 2019-05-22
https://confluence.atlassian.com/crowd/crowd-security-advisory-2019-05-22-970260700.html

Crowd – pdkinstall development plugin incorrectly enabled – CVE-2019-11580
https://jira.atlassian.com/browse/CWD-5388

Analysis of an Atlassian Crowd RCE – CVE-2019-11580
https://www.corben.io/atlassian-crowd-rce/

atlassian-shell
https://github.com/lc/research/tree/master/CVE-2019-11580/atlassian-shell

CVE-2019-11580
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11580

CVE-2019-11580
https://nvd.nist.gov/vuln/detail/CVE-2019-11580

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: July 23, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.