Critical severity9.8NVD Advisory· Published Apr 10, 2017· Updated Jun 17, 2026
CVE-2017-5983
CVE-2017-5983
Description
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
68cpe:2.3:a:atlassian:jira:4.2.4:*:*:*:*:*:*:*+ 65 more
- cpe:2.3:a:atlassian:jira:4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:4.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:5.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.2.7:*:*:*:*:*:*:*
- Range: <6.3.0
- Range: <6.3.0
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/97379nvdThird Party AdvisoryVDB Entry
- confluence.atlassian.com/jira063/jira-security-advisory-2017-03-09-875604401.htmlnvdVendor Advisory
- jira.atlassian.com/browse/JRASERVER-64077nvdVendor Advisory
- www.kb.cert.org/vuls/id/307983nvdThird Party AdvisoryUS Government ResourceVDB Entry
- codewhitesec.blogspot.com/2017/04/amf.htmlnvdTechnical Description
News mentions
0No linked articles in our index yet.