Skip to content
Nuclei Templates

Jira Server and Data Center - Information Disclosure

ID: CVE-2020-14181

Severity: medium

Author: bjhulst

Tags: cve,cve2020,atlassian,jira,packetstorm

Description

Section titled “Description”

Jira Server and Data Center is susceptible to information disclosure. An attacker can enumerate users via the /ViewUserHover.jspa endpoint and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. Affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0.

YAML Source

Section titled “YAML Source”
id: CVE-2020-14181


info:
  name: Jira Server and Data Center - Information Disclosure
  author: bjhulst
  severity: medium
  description: Jira Server and Data Center is susceptible to information disclosure. An attacker can enumerate users via the /ViewUserHover.jspa endpoint and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. Affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0.
  impact: |
    An attacker can gain access to sensitive information, potentially leading to further attacks.
  remediation: |
    Apply the necessary patches or updates provided by Atlassian to fix the vulnerability.
  reference:
    - https://jira.atlassian.com/browse/JRASERVER-71560
    - http://packetstormsecurity.com/files/161730/Atlassian-JIRA-8.11.1-User-Enumeration.html
    - https://nvd.nist.gov/vuln/detail/CVE-2020-14181
    - https://github.com/H4ckTh3W0r1d/Goby_POC
    - https://github.com/Rival420/CVE-2020-14181
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2020-14181
    cwe-id: CWE-200
    epss-score: 0.9645
    epss-percentile: 0.99579
    cpe: cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: atlassian
    product: data_center
    shodan-query:
      - http.component:"Atlassian Jira"
      - http.component:"atlassian jira"
  tags: cve,cve2020,atlassian,jira,packetstorm


http:
  - method: GET
    path:
      - '{{BaseURL}}/secure/ViewUserHover.jspa'


    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'user-hover-details'
          - 'content="JIRA"'
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a00473045022100e3ce0a31349f3cc95190d9c863648ec9d027e0247027fa700a22efa31bcad41f0220431491f5dda7a92538e3b81fd60ae6252508a17532c65ea530830527659b5bdf:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2020/CVE-2020-14181.yaml"

View on Github