[asterisk-bugs] [JIRA] (ASTERISK-29251) Bug Report #21J61 (allowing an unauthenticated attacker to enumerate whether a user exists on the Jira or not)
Sound Ground (JIRA)
noreply at issues.asterisk.org
Sat Jan 16 06:53:59 CST 2021
Sound Ground created ASTERISK-29251:
---------------------------------------
Summary: Bug Report #21J61 (allowing an unauthenticated attacker to enumerate whether a user exists on the Jira or not)
Key: ASTERISK-29251
URL: https://issues.asterisk.org/jira/browse/ASTERISK-29251
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: .Release/Targets
Affects Versions: 17.9.0
Reporter: Sound Ground
Hi, there.
I found that the host at https://issues.asterisk.org/rest/api/2/dashboard?maxResults=100 has a Jira server deployed, version 7.9.2; there are many public vulnerabilities in this old version.
Summary:
The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.
Steps to reproduce:
Visit the URL address; you can check whether the user exists on this host.
https://issues.asterisk.org/rest/api/2/dashboard?maxResults=100
Impact:
So the attacker can enumerate all existing users on this Jira server.
CVE:
CVE-2019-3403
Recommendations for fix:
Update the Jira server's version or apply the fix.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
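As an added example (not part of the report or of the Asterisk project), a defender-side Python check: is_affected() tests a Jira Server version string against the CVE-2019-3403 ranges quoted in the report, and anonymous_picker_hits() flags anonymous, successful /rest/api/2/user/picker requests in access-log lines. The log lines and IPs are constructed, and the assumption that a patched server refuses anonymous picker calls is mine, not stated in the report.

```python
import re
from typing import List, Optional, Tuple

# Affected Jira Server ranges for CVE-2019-3403, taken from the report:
# before 7.13.3, from 8.0.0 before 8.0.4, from 8.1.0 before 8.1.1.
# Each entry is (lower bound inclusive or None, upper bound exclusive).
AFFECTED_RANGES: List[Tuple[Optional[str], str]] = [
    (None, "7.13.3"),
    ("8.0.0", "8.0.4"),
    ("8.1.0", "8.1.1"),
]

def parse_version(v: str) -> Tuple[int, ...]:
    """"7.9.2" -> (7, 9, 2): compare versions numerically, not as strings."""
    return tuple(int(p) for p in v.strip().split("."))

def is_affected(version: str) -> bool:
    """True if the given Jira Server version falls inside an affected range."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if (lo is None or parse_version(lo) <= v) and v < parse_version(hi):
            return True
    return False

# Combined access-log format: ip ident user [time] "method path proto" status bytes.
LOG_RE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
PICKER_PATH = "/rest/api/2/user/picker"

def anonymous_picker_hits(log_lines: List[str]) -> List[Tuple[str, str]]:
    """Return (client_ip, query_string) for each anonymous (user field "-")
    picker request answered 200. Assumption: a patched server refuses these,
    so on an unpatched one they are candidate enumeration probes to alert on."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, user, _method, path, status = m.groups()
        if user == "-" and path.startswith(PICKER_PATH) and status == "200":
            hits.append((ip, path.partition("?")[2]))
    return hits

# Constructed sample log lines (not taken from the Asterisk server).
SAMPLE_LOG = [
    '203.0.113.5 - - [16/Jan/2021:06:50:01 -0600] "GET /rest/api/2/user/picker?query=ad HTTP/1.1" 200 312',
    '203.0.113.5 - - [16/Jan/2021:06:50:02 -0600] "GET /rest/api/2/user/picker?query=ro HTTP/1.1" 200 290',
    '198.51.100.9 - alice [16/Jan/2021:06:51:10 -0600] "GET /rest/api/2/user/picker?query=bo HTTP/1.1" 200 150',
    '203.0.113.5 - - [16/Jan/2021:06:52:00 -0600] "GET /rest/api/2/dashboard?maxResults=100 HTTP/1.1" 200 1024',
]
```

Running is_affected("7.9.2") on the version named in the report returns True, and anonymous_picker_hits(SAMPLE_LOG) returns only the two anonymous picker requests from 203.0.113.5.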