CVE-2019-3401

Summary

The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.

Affected Software

VendorProductVersion RangeStatus
AtlassianJiraunspecified < 7.13.3affected
AtlassianJira8.0.0 < unspecifiedaffected
AtlassianJiraunspecified < 8.1.1affected

Weaknesses

  • CWE-863: Incorrect Authorization (CWE-863)

ADP Enrichment

CVE Program Container

Additional References

References