Uploaded image for project: 'Jira Platform Cloud'
  1. Jira Platform Cloud
  2. JRACLOUD-75661

Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

XMLWordPrintable

      Issue Summary

      Jira Cloud allows remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint.

      Steps to Reproduce

      1. Access the Jira Cloud URL: https://hostname.atlassian.net/secure/QueryComponent!Default.jspa as anonymous user without logging in.

      Expected Results

      The endpoint should not expose custom field names etc.

      Actual Results

      It shows custom field names and custom SLA names.

      Update

      We have tested this issue in Jira Cloud and have found that the issue described in the ticket is not reproducible. If an unauthorised user tries to access the URL, the user can see default Jira fields - that are the same for any instance, not custom fields. Thus no sensitive information gets exposed & we have closed this ticket.

              Unassigned Unassigned
              vvisanakarrala Veera (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              25 Start watching this issue

                Created:
                Updated:
                Resolved: