Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mufeedvh/cve-2019-8449
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
https://github.com/mufeedvh/cve-2019-8449
cve cve-2019-8449 cve-exploit exploit exploit-code exploit-database exploitdb exploiting-vulnerabilities exploits jira jira-api jira-issue jira-rest-api vulnerability
Last synced: 3 months ago
JSON representation
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
- Host: GitHub
- URL: https://github.com/mufeedvh/cve-2019-8449
- Owner: mufeedvh
- Created: 2020-02-02T16:42:32.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2020-02-03T15:11:25.000Z (almost 5 years ago)
- Last Synced: 2024-05-23T10:00:58.608Z (8 months ago)
- Topics: cve, cve-2019-8449, cve-exploit, exploit, exploit-code, exploit-database, exploitdb, exploiting-vulnerabilities, exploits, jira, jira-api, jira-issue, jira-rest-api, vulnerability
- Language: Python
- Size: 6.84 KB
- Stars: 68
- Watchers: 3
- Forks: 20
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# CVE-2019-8449
CVE-2019-8449 Exploit for Jira Releases Below v8.3.4
CVSS Score: 5.0
Vulnerability Type(s): Information Disclosure
Authentication: Not Required
Affected Versions: 2.1 - 8.3.4
Publish Date: 2019-09-11
Exploit-DB: https://www.exploit-db.com/exploits/47990
# Description
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
# Usage
python CVE-2019-8449.py
# Links
* https://jira.atlassian.com/browse/JRASERVER-69796
* https://nvd.nist.gov/vuln/detail/CVE-2019-8449
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8449
* https://www.cvedetails.com/cve/CVE-2019-8449/