2024 01 24 - P1 Security issue (SSRF and File Read in)
A security vulnerability was recently identified in Elements Connect and fixed on January 24th 2024. Here are the details about the issue, its impact and the analysis and actions taken.
Nature of the issue
The vulnerability was present since the version of Elements Connect for Jira Cloud published on (MySQL datasource feature).
The vulnerability allowed a Jira admin to configure a malicious MySQL database as a data source in order to import a malicious file and retrieve the Elements AWS configuration.
This vulnerability has been rated as critical on the Common Vulnerability Scoring System (CVSS) scale.
The vulnerability was detected by Bug Bounty Program on
Impact
Our AWS configuration is very secure and no sensitive information could have been accessed with the retrieved AWS parameters.
We use an intrusion detection system, GuardDuty, and we were able to detect the Bug Bounty tester's intrusion attempt.
No other intrusion was detected before this.
Analysis and actions taken
Once we detected the issue, the IT team drew up a plan to analyse the situation, develop a fix and deploy it as quickly as possible.
Our investigations revealed that the problem was caused by a lack of checks on the database parameter in the MySQL data source configuration.
We added strict checks on the parameter value to prevent file inclusion.
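One way to implement a strict check of this kind, shown as an added example that is not Elements Connect's own code. The advisory does not describe the actual checks, so the allow-list rule, the function names and the sample values below are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumed policy (not from the advisory): a schema name limited to the characters
# MySQL allows in unquoted identifiers, at most 64 characters long.
_DB_NAME = re.compile(r"[A-Za-z0-9_$]{1,64}")


class InvalidDataSource(ValueError):
    """Raised when a data source field fails validation."""


def validate_database_name(value):
    """Return value unchanged if it is a plain schema name, else raise."""
    # fullmatch() rather than match() with '$', which would accept a trailing newline.
    if not isinstance(value, str) or not _DB_NAME.fullmatch(value):
        raise InvalidDataSource(f"rejected database name: {value!r}")
    return value


def build_mysql_url(host, port, database):
    """Assemble the connection URL from separately validated fields."""
    db = validate_database_name(database)
    url = f"jdbc:mysql://{host}:{int(port)}/{db}"
    # Defence in depth: re-parse the result and confirm every field landed where
    # it was meant to, with no query string or fragment smuggled in.
    try:
        parts = urlsplit(url[len("jdbc:"):])
        parsed_port = parts.port
    except ValueError as exc:
        raise InvalidDataSource("URL does not round-trip") from exc
    if (parts.hostname != host.lower() or parsed_port != int(port)
            or parts.path != f"/{db}" or parts.query or parts.fragment):
        raise InvalidDataSource("URL does not round-trip")
    return url


# Constructed sample values, for illustration only.
SAMPLES = ["reports", "crm_2024", "reports?opt=1", "reports&opt=1", "reports#x",
           "../reports", "re ports", "reports\n", "", "a" * 65]


def rejected(samples):
    """Return the subset of samples that the validator refuses."""
    bad = []
    for s in samples:
        try:
            validate_database_name(s)
        except InvalidDataSource:
            bad.append(s)
    return bad
```

The validator rejects anything outside the allow-list instead of trying to strip or escape dangerous characters, so a value is either used exactly as entered or refused.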
Deployment of the fixed version was conducted by following the usual CI procedure.
On top of the automatic tests, we ran an additional series of tests to ensure that the problem was fixed in production.
Conclusion
We want you to know that we take this issue very seriously. We are conducting a thorough review of our internal processes to ensure this does not occur again for our customers.
If you have any questions, please feel free to raise a support request at support.elements-apps.com referencing "ECC-3169".