Atlassian Jira Unauth User Enumeration Vulnerability CVE-2020-36289 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

Atlassian Jira Unauth User Enumeration Vulnerability CVE-2020-36289 Scanner Detail

There is an unauthenticated user enumeration vulnerability in Atlassian Jira.

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.

Some Advice for Common Problems

You have to update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service