Jira SSTI CVE-2019-11581
Description
Atlassian Jira contains a Server-Side Template Injection (SSTI) vulnerability in the ContactAdministrators and SendBulkMail actions: attacker-supplied input is rendered as a template expression, so when the server processes the template the injected code is executed, enabling remote code execution. This vulnerability affects Jira Server and Data Center versions prior to the patched releases.
Remediation
Immediately upgrade Jira to a patched version that addresses CVE-2019-11581. Atlassian has released fixes in the following versions: 7.6.14, 7.13.5, 8.0.3, 8.1.2, 8.2.3, and all later versions. Follow these steps:
1. Review the Atlassian security advisory to determine whether your version is affected
2. Back up your Jira instance and database before upgrading
3. Download and install the appropriate patched version from Atlassian
4. Test the upgrade in a non-production environment first if possible
5. After upgrading, review server logs for any suspicious activity that may indicate prior exploitation
6. If immediate patching is not possible, restrict network access to the Jira instance to trusted IP addresses only as a temporary mitigation
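To support step 1 at scale (for example across an inventory export), the following added example, which is not part of the advisory or of any Atlassian tooling, classifies a Jira version string against the fixed releases listed above. The branch boundaries it uses are an assumption derived from that list (each fixed release closes the branch leading up to it, and 8.3.0 and later are treated as fixed); confirm them against the advisory for your deployment.

```python
# Added example (not part of the advisory): decide whether a reported Jira
# Server / Data Center version string predates the CVE-2019-11581 fixes
# listed above (7.6.14, 7.13.5, 8.0.3, 8.1.2, 8.2.3). The branch boundaries
# below are an assumption derived from that list: each fixed release closes
# the branch that leads up to it, and anything from 8.3.0 on is treated as fixed.
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# (first version of the branch, first fixed version in that branch), ascending.
FIXED_BY_BRANCH: List[Tuple[Version, Version]] = [
    ((0, 0, 0), (7, 6, 14)),   # everything up to 7.6.x is fixed at 7.6.14
    ((7, 7, 0), (7, 13, 5)),   # 7.7.x .. 7.13.x fixed at 7.13.5
    ((8, 0, 0), (8, 0, 3)),
    ((8, 1, 0), (8, 1, 2)),
    ((8, 2, 0), (8, 2, 3)),
]
FIRST_UNAFFECTED_BRANCH: Version = (8, 3, 0)   # assumption: later branches shipped fixed


def parse_version(text: str) -> Optional[Version]:
    """Parse 'major.minor[.patch]'; a trailing suffix such as '-SNAPSHOT' is ignored."""
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_vulnerable(text: str) -> Optional[bool]:
    """True if the version predates its branch's fix, False if patched, None if unparseable."""
    v = parse_version(text)
    if v is None:
        return None
    if v >= FIRST_UNAFFECTED_BRANCH:
        return False
    # Pick the last branch whose start is <= v, then compare against its fixed release.
    branch_fix = FIXED_BY_BRANCH[0][1]
    for start, fixed in FIXED_BY_BRANCH:
        if v >= start:
            branch_fix = fixed
    return v < branch_fix


if __name__ == "__main__":
    # Constructed sample inventory values, not real hosts.
    for s in ["7.6.13", "7.6.14", "7.13.4", "7.13.5", "8.0.2", "8.2.3", "8.3.0", "garbage"]:
        print(s, "->", is_vulnerable(s))
```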