Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Atlassian JIRA Setup - Installer" module is a test case designed to detect misconfigurations in the Atlassian JIRA software. JIRA is a popular project management tool used by organizations to track and manage their projects. This module focuses on identifying vulnerabilities related to the JIRA setup process. It has a high severity level, indicating that the identified misconfigurations can potentially lead to security risks.
This module was authored by ritikchaddha.
If the module detects a misconfiguration in the JIRA setup, it means that the installation process of JIRA has not been properly configured. This can result in various security vulnerabilities, potentially exposing sensitive data or allowing unauthorized access to the system. It is crucial to address any identified misconfigurations promptly to ensure the security and integrity of the JIRA installation.
The "Atlassian JIRA Setup - Installer" module works by sending HTTP requests to specific endpoints in the JIRA application. It then applies matching conditions to determine if a misconfiguration is present. One example of an HTTP request sent by this module is a GET request to the "/secure/SetupMode!default.jspa" path.
The module uses two matching conditions to identify misconfigurations:
- Matcher 1: It checks the response body for specific words such as "JIRA - JIRA setup" and "jira.webresources:jira-setup". If any of these words are found, it indicates a potential misconfiguration. - Matcher 2: It verifies that the HTTP response status is 200, indicating a successful request. If the status is different, the module does not consider it a match.By combining these matching conditions, the module can accurately detect misconfigurations in the JIRA setup process.