CVE-2019-8446

Medium

The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect…

atlassian·CWE-863·Published 2019-08-23

CVSS

5.3

EPSS

0.18

KEV

Exploits

cve.orgen

154 chars

The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.

NVDen

154 chars

The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.

El recurso / rest / issueNav / 1 / issueTable en Jira antes de la versión 8.3.2 permite a los atacantes remotos enumerar nombres de usuario mediante una verificación de autorización incorrecta.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N