CVEPublished 2017-04-101 article on news7 live referencesNVD data

CVE-2017-5983

Vulnerability data via CVEDB (Shodan)

CVSS v3.1
9.8
CRITICAL
EPSS percentile
97
Exploit Prediction Scoring System · top 3% of all CVEs
Description

The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.

Timeline
Published 2017-04-10

External references

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

More intel sources (5)

Known PoCs on GitHub (1)