{"id":12433,"date":"2021-12-10T11:36:11","date_gmt":"2021-12-10T03:36:11","guid":{"rendered":"https:\/\/aqzt.com\/12433.html"},"modified":"2021-12-10T11:36:11","modified_gmt":"2021-12-10T03:36:11","slug":"%e3%80%90%e6%bc%8f%e6%b4%9e%e9%80%9a%e5%91%8a%e3%80%91jira-data-center%e7%ad%89%e8%bf%9c%e7%a8%8b%e4%bb%a3%e7%a0%81%e6%89%a7%e8%a1%8c%e6%bc%8f%e6%b4%9e%ef%bc%88cve-2020-36239%ef%bc%89","status":"publish","type":"post","link":"https:\/\/aqzt.com\/12433.html","title":{"rendered":"\u3010\u6f0f\u6d1e\u901a\u544a\u3011Jira Data Center\u7b49\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CVE-2020-36239\uff09"},"content":{"rendered":"

2021\u5e747\u670822\u65e5\uff0c\u672c\u7ad9\u5b89\u5168\u4e13\u9898\u76d1\u6d4b\u5230Atlassian\u5b98\u65b9\u53d1\u5e03\u516c\u544a\uff0c\u62ab\u9732\u4e86CVE-2020-36239 Jira Data Center\u7b49\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002<\/p>\n

<\/p>\n

\u6f0f\u6d1e\u63cf\u8ff0<\/strong><\/p>\n

Atlassian JIRA\u662fAtlassian\u516c\u53f8\u51fa\u54c1\u7684\u9879\u76ee\u4e0e\u4e8b\u52a1\u8ddf\u8e2a\u5de5\u5177\uff0c\u88ab\u5e7f\u6cdb\u5e94\u7528\u4e8e\u7f3a\u9677\u8ddf\u8e2a\u3001\u5ba2\u6237\u670d\u52a1\u3001\u9700\u6c42\u6536\u96c6\u3001\u6d41\u7a0b\u5ba1\u6279\u3001\u4efb\u52a1\u8ddf\u8e2a\u3001\u9879\u76ee\u8ddf\u8e2a\u548c\u654f\u6377\u7ba1\u7406\u7b49\u5de5\u4f5c\u9886\u57df\u3002 2021\u5e747\u670821\u65e5Atlassian\u5b98\u65b9\u53d1\u5e03\u516c\u544a\uff0c\u62ab\u9732\u4e86CVE-2020-36239 Jira Data Center\u7b49\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002Jira Data Center\u3001Jira Service Management Data Center\u7b49\u4ea7\u54c1\u572840001\u7b49\u9ed8\u8ba4\u7aef\u53e3\u5f00\u653e\u4e86Ehcache RMI\u670d\u52a1\uff0c\u653b\u51fb\u8005\u53ef\u5728\u65e0\u9700\u8ba4\u8bc1\u7684\u60c5\u51b5\u4e0b\u6784\u9020\u6076\u610f\u8bf7\u6c42\uff0c\u5229\u7528\u8be5RMI\u7aef\u53e3\u89e6\u53d1\u53cd\u5e8f\u5217\u5316\u6f0f\u6d1e\uff0c\u9020\u6210\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u6f0f\u6d1e\u4ec5\u5f71\u54cdJira Data Center\u7cfb\u5217\u4e0eJira Service Management Data Center\u7cfb\u5217\uff0c\u975e Data Center\u4ea7\u54c1\u4e0d\u53d7\u6f0f\u6d1e\u5f71\u54cd\u3002\u672c\u7ad9\u5b89\u5168\u4e13\u9898\u63d0\u9192 Atlassian JIRA \u7528\u6237\u5c3d\u5feb\u91c7\u53d6\u5b89\u5168\u63aa\u65bd\u963b\u6b62\u6f0f\u6d1e\u653b\u51fb\u3002 <\/strong><\/p>\n

<\/p>\n

\u6f0f\u6d1e\u7ec6\u8282\uff1a\u672a\u516c\u5f00<\/p>\n

\u6f0f\u6d1ePOC\uff1a\u672a\u516c\u5f00<\/p>\n

\u6f0f\u6d1eEXP\uff1a\u672a\u516c\u5f00<\/p>\n

\u5728\u91ce\u5229\u7528\uff1a\u672a\u77e5<\/p>\n

<\/p>\n

\u6f0f\u6d1e\u8bc4\u7ea7<\/strong><\/p>\n

CVE-2020-36239 Jira Data Center\u7b49\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e \u9ad8\u5371<\/p>\n

<\/p>\n

\u5f71\u54cd\u7248\u672c<\/strong><\/p>\n

Jira Data Center, Jira Core Data Center, Jira Software Data Center >= 6.3.0 \u4e14 < 8.5.16<\/p>\n

Jira Data Center, Jira Core Data Center, Jira Software Data Center >= 8.6.0 \u4e14 < 8.13.8<\/p>\n

Jira Data Center, Jira Core Data Center, Jira Software Data Center >= 8.14.0 \u4e14 < 8.17.0<\/p>\n<\/p>\n

<\/p>\n

Jira Service Management Data Center >= 2.0.2 \u4e14 < 4.5.16<\/p>\n

Jira Service Management Data Center >= 4.6.0 \u4e14 < 4.13.8<\/p>\n

Jira Service Management Data Center >= 4.14.0 \u4e14 < 4.17.0<\/p>\n

<\/p>\n

\u5b89\u5168\u7248\u672c<\/strong><\/p>\n

Jira Data Center, Jira Core Data Center, Jira Software Data Center 8.5.16<\/p>\n

Jira Data Center, Jira Core Data Center, Jira Software Data Center 8.13.8<\/p>\n

Jira Data Center, Jira Core Data Center, Jira Software Data Center 8.17.0<\/p>\n

<\/p>\n

Jira Service Management Data Center 4.5.16<\/p>\n

Jira Service Management Data Center 4.13.8<\/p>\n

Jira Service Management Data Center 4.17.0<\/p>\n

<\/p>\n

\u5b89\u5168\u5efa\u8bae<\/strong><\/p>\n

1\u3001\u6839\u636e\u5f71\u54cd\u53ca\u5176\u5b89\u5168\u7248\u672c\u6392\u67e5\u5e76\u5347\u7ea7\u5230\u5b89\u5168\u7248\u672c\u3002<\/p>\n

2\u3001\u82e5\u6682\u65e0\u6cd5\u5347\u7ea7\uff0c\u53ef\u5229\u7528\u5b89\u5168\u5b89\u5168\u7ec4\u529f\u80fd\u8bbe\u7f6e Ehcache RMI \u7aef\u53e3\u4ec5\u5bf9\u53ef\u4fe1\u5730\u5740\u5f00\u653e\u3002<\/p>\n

<\/p>\n

\u5bf9 Jira Data Center, Jira Core Data Center, Jira Software Data Center\u7cfb\u5217\u4ea7\u54c1<\/p>\n

\u5f53\u7248\u672c\u5927\u4e8e\u7b49\u4e8e 7.13.1 \u65f6\uff0c\u5176Ehcache RMI \u7aef\u53e3\u9ed8\u8ba4\u4e3a 40001\u300140011\uff0c\u5f53\u7248\u672c\u5c0f\u4e8e\u7b49\u4e8e 7.13.0\u65f6\uff0c\u5176Ehcache RMI \u7aef\u53e3\u9ed8\u8ba4\u4e3a 40001\u300140011\u3001\u4ee5\u53ca1024-65536\u4e2d\u7684\u67d0\u4e2a\u7aef\u53e3\u3002<\/p>\n

<\/p>\n

\u5bf9\u4e8e Jira Service Management Data Center \u7cfb\u5217\u4ea7\u54c1\uff0c\u5f53\u7248\u672c\u5927\u4e8e\u7b49\u4e8e3.16.1\u65f6\uff0c\u5176Ehcache RMI \u7aef\u53e3\u9ed8\u8ba4\u4e3a 40001\u300140011\u3002\u5f53\u7248\u672c\u5c0f\u4e8e\u7b49\u4e8e 3.16.0\u65f6\uff0c\u5176Ehcache RMI \u7aef\u53e3\u9ed8\u8ba4\u4e3a 40001\u300140011\u3001\u4ee5\u53ca1024-65536\u4e2d\u7684\u67d0\u4e2a\u7aef\u53e3\u3002<\/p>\n

<\/p>\n

\u76f8\u5173\u94fe\u63a5<\/strong><\/p>\n

https:\/\/confluence.atlassian.com\/adminjiraserver\/jira-data-center-and-jira-service-management-data-center-security-advisory-2021-07-21-1063571388.html<\/a><\/p>\n<\/p>\n<\/p>\n

\u6211\u4eec\u4f1a\u5173\u6ce8\u540e\u7eed\u8fdb\u5c55\uff0c\u8bf7\u968f\u65f6\u5173\u6ce8\u5b98\u65b9\u516c\u544a\u3002<\/p>\n

\u5982\u6709\u4efb\u4f55\u95ee\u9898\uff0c\u53ef\u968f\u65f6\u53d1\u9001\u90ae\u4ef6\u81f3alicloud-vul@alibabacloud.com<\/p>\n<\/p>\n

\u672c\u7ad9\u5b89\u5168\u4e13\u9898<\/p>\n

2021.7.22<\/p>\n","protected":false},"excerpt":{"rendered":"

2021\u5e747\u670822\u65e5\uff0c\u672c\u7ad9\u5b89\u5168\u4e13\u9898\u76d1\u6d4b\u5230Atlassian\u5b98\u65b9\u53d1\u5e03\u516c\u544a\uff0c\u62ab\u9732\u4e86CVE-2020-36239 Jira Data Center\u7b49\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002 \u6f0f\u6d1e\u63cf\u8ff0 Atlassian JIRA\u662fAtlassian\u516c\u53f8\u51fa\u54c1\u7684\u9879\u76ee\u4e0e\u4e8b\u52a1\u8ddf\u8e2a\u5de5\u5177\uff0c\u88ab\u5e7f\u6cdb\u5e94\u7528\u4e8e\u7f3a\u9677\u8ddf\u8e2a\u3001\u5ba2\u6237\u670d\u52a1\u3001\u9700\u6c42\u6536\u96c6\u3001\u6d41\u7a0b\u5ba1\u6279\u3001\u4efb\u52a1\u8ddf\u8e2a\u3001\u9879\u76ee\u8ddf\u8e2a\u548c\u654f\u6377\u7ba1\u7406\u7b49\u5de5\u4f5c\u9886\u57df\u3002 2021\u5e747\u670821\u65e5Atlassian\u5b98\u65b9\u53d1\u5e03\u516c\u544a\uff0c\u62ab\u9732\u4e86CVE-2020-36239 Jira Data Center\u7b49\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002Jira Data Center\u3001J<\/p>\n","protected":false},"author":1,"featured_media":6522,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[27],"tags":[292,236,287,9,433,25,221,13,11,228,239,285],"collection":[],"_links":{"self":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/posts\/12433"}],"collection":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/comments?post=12433"}],"version-history":[{"count":0,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/posts\/12433\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/media\/6522"}],"wp:attachment":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/media?parent=12433"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/categories?post=12433"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/tags?post=12433"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/collection?post=12433"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}