The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.
References
Link | Resource |
---|---|
https://jira.atlassian.com/browse/JRASERVER-69777 | Vendor Advisory |
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839 | Exploit Third Party Advisory |
Configurations
History
28 Mar 2022, 13:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* | |
First Time |
Atlassian jira Server
|
Information
Published : 2019-08-23 14:15
Updated : 2023-12-10 12:59
NVD link : CVE-2019-8446
Mitre link : CVE-2019-8446
CVE.ORG link : CVE-2019-8446
JSON object : View
Products Affected
atlassian
- jira_server
CWE
CWE-863
Incorrect Authorization