CVE-2019-8449
CVE-2019-8449 copied to clipboard
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
CVE-2019-8449
CVE-2019-8449 Exploit for Jira Releases Below v8.3.4
CVSS Score: 5.0
Vulnerability Type(s): Information Disclosure
Authentication: Not Required
Affected Versions: 2.1 - 8.3.4
Publish Date: 2019-09-11
Exploit-DB: https://www.exploit-db.com/exploits/47990
Description
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
Usage
python CVE-2019-8449.py
Links
- https://jira.atlassian.com/browse/JRASERVER-69796
- https://nvd.nist.gov/vuln/detail/CVE-2019-8449
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8449
- https://www.cvedetails.com/cve/CVE-2019-8449/