'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app: jira_ssrf_vul(Rule ID:1070210213)

Release Date2025/9/15

Rule NameCVE-2019-8451: Jira Server-Side Request Forge Vulnerability

Severity:critical

CVE IDCVE-2019-8451

 

Descripiton

Atlassian Jira is a set of defect tracking management systems for ATLASSIAN Australia. The system is mainly used to track management in various types of problems and defects in work. ATLASSIAN JIRA 8.4.0 Previous / Plugins / Servlet / Gadgets / MakeRequest resource exists in code problem vulnerability. This vulnerability is derived from the problem of design or improper implementation of the code development process of the network system or product. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.