Description

The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability.

Remediation

References

CVE-2019-20400

Related Vulnerabilities

Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941)

PostgreSQL Untrusted Search Path Vulnerability (CVE-2020-10733)

WebLogic CVE-2022-21292 Vulnerability (CVE-2022-21292)

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Security Bypass (3.5.13)

WordPress Plugin Rezgo Cross-Site Scripting (1.4.2)

Severity

High

Classification

CVE-2019-20400 CWE-427 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities