Security for everyone

CVE-2019-8446 Scanner

Detects 'User Enumeration' vulnerability in Atlassian Jira affects v. before 8.3.2.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Domain, Ipv4



Jira is a popular project management tool developed by Atlassian. It is primarily used by software development teams to plan, track, and manage their work. Jira allows users to create, organize, and prioritize tasks, assign them to team members, and track progress through various stages of development. It is used by thousands of companies worldwide, including large enterprises like NASA, Uber, and Spotify.

However, the tool is not immune to security vulnerabilities. One such vulnerability is CVE-2019-8446 which was detected in Jira before version 8.3.2. This vulnerability allows remote attackers to enumerate usernames via an incorrect authorization check. It occurs when the user does not have the required permission to view the list of issues in the issue navigator, but Jira provides a partial response, revealing the usernames of Jira users.

This vulnerability could lead to potential security breaches if exploited by attackers. With the usernames, attackers can easily launch phishing attacks on unsuspecting users by gaining access to their accounts and stealing sensitive data. Furthermore, attackers can use the usernames to launch brute-force attacks on user passwords.

In conclusion, security vulnerabilities in digital assets are becoming increasingly common and it is essential to take precautions to protect them. offers pro features that provide a comprehensive vulnerability assessment report, automated scans, and 24/7 support. By using this platform, organizations can quickly and easily identify vulnerabilities in their digital assets and take appropriate measures to address them.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture