According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.4.0. It is, therefore, affected by multiple vulnerabilities:
A cross-site scripting (XSS) vulnerability exists in the WikiRenderer parser. A remote attacker can exploit this by creating a specially crafted request that executes arbitrary script code in a user’s browser session. (CVE-2019-8444)
An information disclosure vulnerability exists in the /rest/api/2/worklog/list rest resource. An authenticated, remote attacker can exploit this, to view worklog details for issues they do not have permission to view. (CVE-2019-8445)
An information disclosure vulnerability exists in the /rest/issueNav/1/issueTable rest resource. A remote anonymous attackers can exploit this to differentiate between valid usernames and invalid usernames. (CVE-2019-8446)
An information disclosure vulnerability exists in the /rest/api/latest/groupuserpicker resource. An unauthenticated, remote attacker can exploit this, to enumerate usernames due to an incorrect authorization check. (CVE-2019-8449)
A server-side request forgery (SSRF) vulnerability exists in the /plugins/servlet/gadgets/makeRequest resource due to a logic bug in the JiraWhitelist class. A remote attacker can exploit this to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability. (CVE-2019-8451)
An authentication bypass vulnerability exists in the /rest/api/1.0/render rest resource. An unauthenticated, remote attacker can exploit this, to determine if an attachment with a specific name exists and if an issue key is valid due to a missing permissions check. (CVE-2019-14995)
An information disclosure vulnerability exists in the AccessLogFilter class due to a caching vulnerability. A remote anonymous attackers can exploit this to access details about other users, including their username, when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN. (CVE-2019-14997)
A cross-site request forgery (XSRF) vulnerability exists in Webwork action Cross-Site Request Forgery (CSRF) protection. A remote attacker can exploit this by bypassing its protection by ‘cookie tossing’ a CSRF cookie from a subdomain of a Jira instance. (CVE-2019-14998)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14997
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8445
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8449
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8451
confluence.atlassian.com/jirasoftware/issues-resolved-in-8-4-0-976767008.html
github.com/0xbug/CVE-2019-8451
jira.atlassian.com/browse/JRASERVER-69777
jira.atlassian.com/browse/JRASERVER-69778
jira.atlassian.com/browse/JRASERVER-69779
jira.atlassian.com/browse/JRASERVER-69791
jira.atlassian.com/browse/JRASERVER-69792
jira.atlassian.com/browse/JRASERVER-69793
jira.atlassian.com/browse/JRASERVER-69794
jira.atlassian.com/browse/JRASERVER-69796
www.talosintelligence.com/vulnerability_reports/TALOS-2019-0833
www.talosintelligence.com/vulnerability_reports/TALOS-2019-0835
www.talosintelligence.com/vulnerability_reports/TALOS-2019-0836
www.talosintelligence.com/vulnerability_reports/TALOS-2019-0837
www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839
www.talosintelligence.com/vulnerability_reports/TALOS-2019-0840