
2025 01 20 - P1 Security issue

A security vulnerability was recently identified and fixed in Elements Connect. Here are the details about the issue, its impact and the analysis and actions taken.

Nature of the issue

The vulnerability was present since the version of Elements Connect for Jira Cloud published on (FreeMarker in queries).
A Remote Code Execution (RCE) vulnerability was identified in the handling of FreeMarker templates. This vulnerability allowed attackers to execute arbitrary system commands on the server.

This vulnerability has been rated as critical on the Common Vulnerability Scoring System (CVSS) scale.
The vulnerability was brought to our notice by the Bug Bounty Program and fixed on 

Impact

The impact of this vulnerability is reduced by the fact that it can only be exploited by a Jira administrator who wants to compromise another Jira administrator of the same Jira site.

The issue was reproducible when an admin user enabled FreeMarker dynamic query logic in a REST API data source configuration.

A malicious payload injected into a connected field query allowed system commands to be executed. Had this vulnerability been exploited in real-world conditions, it could have led to:

  • Unauthorized system access

  • Data theft (exfiltration of sensitive credentials or configurations)

  • Service disruptions (potential for system compromise and denial of service)

No evidence of active exploitation in production environments was found.

Analysis and actions taken

We’ve disabled freemarker.template.utility.Execute, preventing the execution of system commands via FreeMarker.

We’ve also hardened the FreeMarker configuration to ensure restricted object wrappers are used, and prohibited the use of the ?eval built-in within field templates.
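As an added illustration of how the three mitigations above map onto FreeMarker's Java configuration (this is not the vendor's code; the class name, the regex and the FreeMarker version are assumptions): Execute is instantiated through the ?new built-in, so blocking ?new with a class resolver removes that path; the object wrapper is built with a restricted exposure level; and ?eval is rejected by a pre-parse check on the template source.

```java
import freemarker.core.TemplateClassResolver;
import freemarker.ext.beans.BeansWrapper;
import freemarker.template.Configuration;
import freemarker.template.DefaultObjectWrapperBuilder;
import freemarker.template.Template;
import freemarker.template.TemplateException;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.util.Map;
import java.util.regex.Pattern;

/** Hypothetical hardened renderer for admin-supplied FreeMarker query templates. */
public final class HardenedQueryRenderer {
    // ?eval evaluates a string as an FTL expression at runtime; reject it before parsing.
    // FTL tolerates whitespace around '?', and ?eval_json is a different built-in.
    private static final Pattern EVAL_BUILTIN = Pattern.compile("\\?\\s*eval(?![A-Za-z0-9_])");
    private final Configuration cfg;

    public HardenedQueryRenderer() {
        cfg = new Configuration(Configuration.VERSION_2_3_32);
        // Block the ?new built-in entirely: with no resolvable classes,
        // freemarker.template.utility.Execute (shell commands), ObjectConstructor
        // and JythonRuntime cannot be instantiated from template text.
        cfg.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);
        // ?api would hand templates the raw Java object behind the wrapper; disable it.
        cfg.setAPIBuiltinEnabled(false);
        // Restricted object wrapper: no public fields, and EXPOSE_SAFE hides members
        // FreeMarker lists as unsafe to call from templates (reflection, Object.wait, ...).
        DefaultObjectWrapperBuilder owb = new DefaultObjectWrapperBuilder(Configuration.VERSION_2_3_32);
        owb.setExposeFields(false);
        owb.setExposureLevel(BeansWrapper.EXPOSE_SAFE);
        cfg.setObjectWrapper(owb.build());
    }

    public static boolean usesEvalBuiltin(String templateSource) {
        return EVAL_BUILTIN.matcher(templateSource).find();
    }

    public String render(String templateSource, Map<String, Object> model)
            throws IOException, TemplateException {
        if (usesEvalBuiltin(templateSource)) {
            throw new IllegalArgumentException("?eval is not permitted in field query templates");
        }
        Template t = new Template("field-query", new StringReader(templateSource), cfg);
        StringWriter out = new StringWriter();
        t.process(model, out);
        return out.toString();
    }
}
```

A log entry at the rejection point gives defenders a detection signal for any administrator who attempts to use ?eval or ?new in a query template.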

The fixed version was deployed through the usual CI procedure.

Conclusion

This fix is now live and ensures that Elements Connect Cloud remains secure.

No action is required from customers, but we encourage all users to keep their applications up to date and report any suspicious behavior.

We want you to know that we take this issue very seriously. We are conducting a thorough review of our internal processes to ensure this does not occur again for our customers.

If you have any questions, please feel free to raise a support request at support.elements-apps.com referencing "ECC-3389".
