vulnerability

Atlassian JIRA: Information Exposure (CVE-2019-8448)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Aug 13, 2019	Aug 23, 2019	Aug 23, 2019

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 13, 2019

Added

Aug 23, 2019

Modified

Aug 23, 2019

Description

The login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usernames via an information disclosure vulnerability.

Solution(s)

atlassian-jira-upgrade-7_13_4atlassian-jira-upgrade-8_2_2

References

CVE-2019-8448
https://attackerkb.com/topics/CVE-2019-8448

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today