
Jira Unauthenticated Access to screens

By kannthu

Severity: Informative
Vidoc Module
Tags: #atlassian #jira
Description


What is the "Jira Unauthenticated Access to screens" module?

The "Jira Unauthenticated Access to screens" module detects a misconfiguration in Jira, Atlassian's project management and issue tracking software, in which the screens REST endpoint can be read without authentication. The module is rated informative: a match is useful information about the instance's exposure, but it does not by itself indicate an exploitable vulnerability. The original author of this module is TESS.

Impact

Unauthenticated access to screens in Jira can expose information that is normally visible only to logged-in users, such as project details, issue descriptions, and user data. This module identifies instances where anonymous users can read screen definitions without authenticating, highlighting a potential security weakness in the instance's permission configuration.

How does the module work?

The module sends an HTTP GET request to the "/rest/api/2/screens" endpoint in Jira. It then applies several matching conditions to determine if unauthenticated access to screens is possible. The matching conditions include:

- Checking for the presence of specific words in the response body: "id":, "name":, and "description":.
- Verifying that the response status is 200 (OK).
- Checking for the presence of the "atlassian.xsrf.token" header.

If all of these conditions are met, the module reports a potential misconfiguration of unauthenticated access to screens in Jira.
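The following is an added example, not Vidoc's or the module author's code, showing how the three matching conditions above combine (all must hold) when auditing a Jira instance you operate. The response objects are constructed samples, not captured traffic; `fetch_screens` uses only the standard library and assumes a hypothetical base URL such as `https://jira.example.internal`. It also checks the "atlassian.xsrf.token" marker in the response body as well as in header lines, an assumption that covers the case where the token arrives as a Set-Cookie value.

```python
"""Evaluate the Vidoc module's matching conditions against an HTTP response
from /rest/api/2/screens. Added example; sample responses are constructed."""
import json
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Dict

SCREENS_PATH = "/rest/api/2/screens"                      # endpoint the module requests
REQUIRED_WORDS = ('"id":', '"name":', '"description":')   # word matcher (AND)
XSRF_MARKER = "atlassian.xsrf.token"                      # header/cookie marker


@dataclass
class HttpResponse:
    status: int
    headers: Dict[str, str]
    body: str


def has_required_words(body: str) -> bool:
    """All three JSON keys must appear in the body, as in the module's word matcher."""
    return all(word in body for word in REQUIRED_WORDS)


def has_xsrf_marker(resp: HttpResponse) -> bool:
    """Assumption: the marker may sit in any header line (typically Set-Cookie) or the body."""
    header_blob = "\n".join(f"{name}: {value}" for name, value in resp.headers.items())
    return XSRF_MARKER in header_blob or XSRF_MARKER in resp.body


def evaluate(resp: HttpResponse) -> Dict[str, bool]:
    """Return each condition's result separately so a reviewer can see which one failed."""
    return {
        "words": has_required_words(resp.body),
        "status_200": resp.status == 200,
        "xsrf_marker": has_xsrf_marker(resp),
    }


def screens_exposed(resp: HttpResponse) -> bool:
    """Report only when every condition holds, mirroring the module's AND chain."""
    return all(evaluate(resp).values())


def fetch_screens(base_url: str, timeout: float = 10.0) -> HttpResponse:
    """Unauthenticated GET of the screens endpoint against a Jira you administer.
    base_url is hypothetical, e.g. 'https://jira.example.internal'."""
    req = urllib.request.Request(base_url.rstrip("/") + SCREENS_PATH,
                                 headers={"Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as r:
            return HttpResponse(r.status, dict(r.headers), r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:  # 401/403 etc. still carry headers and a body
        return HttpResponse(e.code, dict(e.headers), e.read().decode("utf-8", "replace"))


# Constructed sample responses (not captured from any real instance).
EXPOSED = HttpResponse(           # anonymous read of screen definitions succeeds
    status=200,
    headers={"Content-Type": "application/json;charset=UTF-8",
             "Set-Cookie": "atlassian.xsrf.token=CONSTRUCTED-TOKEN|lout; Path=/; HttpOnly"},
    body=json.dumps([{"id": 1, "name": "Default Screen",
                      "description": "Constructed sample screen"}]),
)
DENIED = HttpResponse(            # properly configured instance rejects the request
    status=401,
    headers={"Content-Type": "application/json;charset=UTF-8",
             "Set-Cookie": "atlassian.xsrf.token=CONSTRUCTED-TOKEN|lout; Path=/; HttpOnly"},
    body='{"errorMessages":["Constructed: authentication required"],"errors":{}}',
)
LOGIN_PAGE = HttpResponse(        # 200 with a login form: status alone would be a false positive
    status=200,
    headers={"Content-Type": "text/html;charset=UTF-8",
             "Set-Cookie": "atlassian.xsrf.token=CONSTRUCTED-TOKEN|lout; Path=/"},
    body="<html><body><form id='login-form'></form></body></html>",
)

if __name__ == "__main__":
    for label, sample in (("exposed", EXPOSED), ("denied", DENIED), ("login page", LOGIN_PAGE)):
        print(f"{label}: {evaluate(sample)} -> report={screens_exposed(sample)}")
```

The `LOGIN_PAGE` sample shows why the module requires all three conditions rather than the 200 status alone: a Jira that redirects anonymous users to its login form still answers 200 and still sets the XSRF cookie, but the body lacks the screen JSON keys, so no finding is reported. When running `fetch_screens` against your own instance, a `DENIED`-style result is the expected outcome for a correctly restricted deployment.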

For more information, you can refer to the official Jira API documentation.

Metadata:

max-request: 1

shodan-query: http.component:"Atlassian Jira"

Module preview

Concurrent Requests (1)

1. HTTP Request template
GET /rest/api/2/screens

Matching conditions
word: "id":, "name":, "description":
and
status: 200
and
word: atlassian.xsrf.token

Passive global matcher
No matching conditions.

On match action
Report vulnerability