
CVE-2019-8451 PoC — Atlassian Jira Code Issue Vulnerability

Source
Associated Vulnerability
Title: Atlassian Jira Code Issue Vulnerability (CVE-2019-8451)
Description: Atlassian Jira is a defect tracking and management system from the Australian company Atlassian. It is mainly used to track and manage the various issues and defects that arise in day-to-day work. Atlassian Jira versions prior to 8.4.0 contain a code issue vulnerability in the /plugins/servlet/gadgets/makeRequest resource. The vulnerability stems from improper design or implementation during the development of the product's code.
Description
POC to check for Jira instances vulnerable to CVE-2019-8451
Readme
# Jira CVE-2019-8451 POC

## Description

Proof of concept scan to check if a Jira host is vulnerable to CVE-2019-8451

### CVE-2019-8451

CVE-2019-8451 is a pre-authentication server side request forgery (SSRF) vulnerability found in the /plugins/servlet/gadgets/makeRequest resource. 

This vulnerability was introduced in Jira server version 7.6.0, and fixed in versions 7.13.9 and 8.4.0.
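A version-range triage helper, added here as an example and not part of the PoC repository: it encodes the affected ranges stated above so an inventory of Jira versions can be classified without touching the makeRequest servlet (the same idea as the tool's `-c` mode, which decides by version alone). It assumes the version is visible in a page's `ajs-version-number` meta tag or its `(vX.Y.Z#build)` footer string; the HTML fragment is constructed.

```python
"""Version-range triage for CVE-2019-8451 (added example, not the PoC's code).
Ranges follow the README: introduced in 7.6.0, fixed in 7.13.9 (7.x) and 8.4.0 (8.x).
No request is sent; the HTML sample at the bottom is constructed."""
import re
from typing import Optional, Tuple

# (first affected, first fixed) for each release branch.
AFFECTED_RANGES = (
    ((7, 6, 0), (7, 13, 9)),
    ((8, 0, 0), (8, 4, 0)),
)

_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?")
# Two places a Jira page states its version (assumed markers): the
# ajs-version-number meta tag and the footer build string "(vX.Y.Z#build-sha)".
_HTML_RE = re.compile(r'ajs-version-number"\s+content="([\d.]+)"|\(v([\d.]+)#')


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Parse 'x.y' or 'x.y.z' into a comparable tuple; a missing patch counts as 0."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def is_affected(version: str) -> Optional[bool]:
    """True inside an affected range, False outside it, None if unparseable."""
    v = parse_version(version)
    if v is None:
        return None
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def extract_version(html: str) -> Optional[str]:
    """Pull the version string out of a Jira page body (meta tag or footer)."""
    m = _HTML_RE.search(html)
    return (m.group(1) or m.group(2)) if m else None


# Constructed sample of a Jira page fragment carrying both markers.
SAMPLE_HTML = (
    '<meta name="ajs-version-number" content="8.3.4">'
    '<span id="footer-build-information">(v8.3.4#803005-sha1:0123abc)</span>'
)
```

A version in range is only a hint that the makeRequest fix is absent; a backported patch or a proxy that blocks the servlet would not show up in this check.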

## Requirements

Only needs the requests library.

Install with `pip3 install requests`

## Usage

```
$ ./jira-2019-8451.py -h
usage: jira-2019-8451.py [-h] [-u URL] [-c]

For checking if a Jira instance is vunlerable to CVE-2019-8451

optional arguments:
  -h, --help         show this help message and exit
  -u URL, --url URL  URL of the target Jira instance e.g. '-u
                     https://localhost:8080'
  -c, --check        Only check the Jira version; doesn't send SSRF attempt
```

## Example Output

Host probably vulnerable:
```
$ python3 jira.py -u https://localhost:8080
[-] Testing https://localhost:8080...
[-] Checking for version...
[-] Jira version appears to be: 8.3.4
[-] Sending SSRF test...
[+] Host appears to be vulnerable!
```
Host probably not vulnerable:

```
$ python3 jira.py -u https://localhost:8080
[-] Testing https://localhost:8080...
[-] Checking for version...
[-] Jira version appears to be: 8.4.1
[-] Sending SSRF test...
[!] Host doesn't appear to be vulnerable.
```

## References
 - https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in
 - https://jira.atlassian.com/browse/JRASERVER-69793
File Snapshot

[4.0K] /data/pocs/3df679eb70a0659132df8b48704be22a2861b1e0
├── [2.6K] jira-2019-8451.py
├── [1.0K] LICENSE
└── [1.6K] README.md

0 directories, 3 files