Jira Unauthorized SSRF via REST API
Description
Atlassian Jira contains an unauthenticated Server-Side Request Forgery (SSRF) vulnerability in the /plugins/servlet/gadgets/makeRequest REST API endpoint. This vulnerability allows remote attackers to send specially crafted HTTP requests that force the Jira server to make unauthorized requests to internal or external systems. The flaw exists due to insufficient validation of user-supplied URLs, enabling attackers to bypass network security controls and access resources that should not be publicly accessible.
Remediation
Apply security patches immediately by upgrading Atlassian Jira to a fixed version. The vulnerability has been resolved in the following versions:
• Jira 8.4.0 or later
• Jira 7.13.9 or later (for 7.x branch)
Remediation Steps:
1. Identify your current Jira version by navigating to Settings → System → System Info
2. Review the Atlassian security advisory and release notes for your upgrade path
3. Back up your Jira instance and database before upgrading
4. Perform the upgrade during a scheduled maintenance window following Atlassian's upgrade documentation
5. After upgrading, verify the patch by testing the /plugins/servlet/gadgets/makeRequest endpoint to ensure SSRF protections are active
Temporary Mitigation (if immediate patching is not possible):
• Restrict access to the vulnerable endpoint using web application firewall (WAF) rules or reverse proxy configurations
• Implement network-level controls to limit outbound connections from the Jira server
• Monitor Jira access logs for suspicious requests to the gadgets endpoint
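As an added example of the log monitoring described in the last mitigation bullet (not part of the original advisory or any Atlassian tooling), the following script scans Tomcat-style access log lines for requests to the makeRequest endpoint whose query parameters carry a URL pointing at a loopback, private or link-local address. The sample log lines are constructed, the parameter name `url` in them is an assumption (the script inspects every query value, so the real name does not matter), and hostnames are not resolved, so only IP-literal targets are classified.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, urlsplit

ENDPOINT = "/plugins/servlet/gadgets/makeRequest"

# Constructed sample lines (combined log format); not real Jira logs.
SAMPLE_LOG = """\
10.0.0.5 - - [12/May/2024:10:01:02 +0000] "GET /secure/Dashboard.jspa HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [12/May/2024:10:01:09 +0000] "GET /plugins/servlet/gadgets/makeRequest?url=http%3A%2F%2F127.0.0.1%3A8080%2F HTTP/1.1" 200 811 "-" "curl/7.88"
203.0.113.7 - - [12/May/2024:10:01:15 +0000] "GET /plugins/servlet/gadgets/makeRequest?url=http%3A%2F%2F10.0.0.12%2F HTTP/1.1" 200 340 "-" "curl/7.88"
198.51.100.2 - - [12/May/2024:10:02:00 +0000] "GET /plugins/servlet/gadgets/makeRequest?url=https%3A%2F%2Fwww.example.com%2Ffeed.xml HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# client, timestamp, method, request target and status from a combined-format line
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def non_public_host(host):
    """True if host is localhost or an IP literal outside globally routable space."""
    if host is None:
        return False
    if host.lower() == "localhost":
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # hostname: not resolved here, so DNS-based targets are not classified
    return not ip.is_global  # covers loopback, RFC 1918 and link-local ranges


def find_suspicious(log_text):
    """Return one record per query value that targets a non-public host via the endpoint."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        target = urlsplit(m["target"])
        if target.path != ENDPOINT:
            continue
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            parts = urlsplit(value)  # parse_qsl already percent-decodes the value
            if parts.scheme in ("http", "https") and non_public_host(parts.hostname):
                hits.append({"client": m["client"], "ts": m["ts"], "param": name,
                             "dest": value, "status": int(m["status"])})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["client"]} -> {hit["dest"]} (HTTP {hit["status"]})')
```

A 200 status on such a request is the stronger signal, since it indicates the server actually completed the outbound fetch; requests to the endpoint with public targets may be legitimate gadget traffic and are left unflagged.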