
Jira Unauthenticated Admin Projects

By kannthu

Informative
Vidoc Module
#atlassian #jira
Description

Jira Unauthenticated Admin Projects

What is the "Jira Unauthenticated Admin Projects" module?

The "Jira Unauthenticated Admin Projects" module is a test case designed to detect misconfigurations in Atlassian Jira. It targets the admin menu endpoint and checks for specific keywords, a successful response status, and the presence of an Atlassian XSRF token in the header. This module has an informative severity level and was authored by TESS.

Impact

This module does not have a direct impact on the system. Instead, it helps identify potential misconfigurations in the admin projects functionality of Atlassian Jira. By detecting these misconfigurations, system administrators can take appropriate actions to secure their Jira instances.

How does the module work?

The "Jira Unauthenticated Admin Projects" module works by sending an HTTP GET request to the "/rest/menu/latest/admin" endpoint of the target Jira instance. It then applies several matching conditions to determine if the response indicates a misconfiguration. These conditions include checking for specific keywords in the response body, a successful response status of 200, and the presence of the "atlassian.xsrf.token" header.

Here is an example of the HTTP request sent by the module:

GET /rest/menu/latest/admin

The module matches the response against the following conditions:

- The response body must contain the keywords "key", "link", "label", and "self".
- The response status must be 200.
- The "atlassian.xsrf.token" header must be present.

By analyzing the response and matching conditions, the module can identify potential misconfigurations in the admin projects functionality of Atlassian Jira.
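To make the matching logic concrete, here is an added example (not Vidoc's own code) that parses a captured HTTP response offline and applies the module's three conditions, joined with AND, reporting which ones passed. The two raw responses are constructed, and treating the XSRF check as "the token name appears in any response header name or value" is an assumption about how the word matcher behaves.

```python
"""Offline evaluation of the module's matching conditions (added example)."""
from dataclasses import dataclass

REQUIRED_WORDS = ("key", "link", "label", "self")
XSRF_TOKEN = "atlassian.xsrf.token"


@dataclass
class ParsedResponse:
    status: int
    headers: dict  # lower-cased header name -> value
    body: str


def parse_raw_response(raw: str) -> ParsedResponse:
    """Split a raw HTTP/1.1 response (CRLF line endings) into status, headers and body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])  # "HTTP/1.1 200 OK" -> 200
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return ParsedResponse(status, headers, body)


def evaluate_conditions(resp: ParsedResponse) -> dict:
    """Return one boolean per condition plus the overall AND verdict under 'match'."""
    body = resp.body.lower()
    checks = {
        "words_present": all(w in body for w in REQUIRED_WORDS),
        "status_200": resp.status == 200,
        # Assumption: the token may show up as a header name or inside a value (e.g. Set-Cookie)
        "xsrf_token_present": any(
            XSRF_TOKEN in name or XSRF_TOKEN in value.lower() for name, value in resp.headers.items()
        ),
    }
    checks["match"] = all(checks.values())
    return checks


# Constructed sample: admin menu served to an unauthenticated client (all three conditions hold)
MISCONFIGURED_RESPONSE = (
    "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n"
    "Set-Cookie: atlassian.xsrf.token=CONSTRUCTED-TOKEN; Path=/\r\n\r\n"
    '[{"key":"applications","link":"/plugins/servlet/applications","label":"Applications","self":"/rest/menu/latest/admin"}]'
)
# Constructed sample: instance that demands authentication first (no condition holds)
HARDENED_RESPONSE = "HTTP/1.1 401 Unauthorized\r\nContent-Type: text/html\r\n\r\n<html>authentication required</html>"

if __name__ == "__main__":
    for label, raw in (("misconfigured", MISCONFIGURED_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, evaluate_conditions(parse_raw_response(raw)))
```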

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /rest/menu/latest/ad...
Matching conditions
word: key, link, label, self
and
status: 200
and
word: atlassian.xsrf.token
Passive global matcher
No matching conditions.
On match action
Report vulnerability