CVE-2019-11580: Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability

CVE ID

CVE-2019-11580

Vulnerability Name

Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability

• Project: Atlassian
• Product: Crowd and Crowd Data Center

Date

• Date Added: 2021-11-03
• Due Date: 2022-05-03

Description

Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2019-11580

Related Security News

• New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List