Jira Unauthenticated Dashboards

By kannthu

Informative
Vidoc Module
#atlassian #jira
Description

What is the "Jira Unauthenticated Dashboards" module?

The "Jira Unauthenticated Dashboards" module is a test case designed to detect misconfigurations in Jira, Atlassian's software for project management and issue tracking. It identifies unauthenticated dashboards, which can pose a security risk if they contain sensitive information. The module's severity is classified as informative, meaning it provides valuable insights but does not directly indicate a vulnerability.

This module was authored by TechbrunchFR.

Impact

The impact of unauthenticated dashboards in Jira can vary depending on the specific content and permissions associated with them. In some cases, these dashboards may expose sensitive project information, user details, or other confidential data to unauthorized individuals. This can potentially lead to data breaches, privacy violations, or unauthorized access to critical resources.

How does the module work?

The "Jira Unauthenticated Dashboards" module works by sending an HTTP GET request to the Jira API endpoint "/rest/api/2/dashboard?maxResults=100". It then checks whether the response contains specific keywords such as "dashboards", "startAt", and "maxResults". If these keywords are present, the module considers the dashboard to be unauthenticated.

By detecting unauthenticated dashboards, this module helps identify potential security weaknesses in Jira configurations and allows administrators to take appropriate measures to secure their systems.
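
The following Python sketch is an added example, not Vidoc's module code. It reproduces the word check described above on a response body, then parses the JSON to list the dashboards the response actually names, because the keywords alone also appear in an empty listing or a non-JSON page. The sample bodies are constructed; requiring every word to be present and the `id`/`name` fields of each dashboard entry are assumptions.

```python
import json

# Words the module's matcher looks for (taken from the page).
MATCH_WORDS = ("dashboards", "startAt", "maxResults")


def word_match(body: str) -> bool:
    """Word check as described on the page (assumption: all words required)."""
    return all(word in body for word in MATCH_WORDS)


def triage(body: str) -> dict:
    """Classify a response body returned for /rest/api/2/dashboard.

    Returns the raw matcher verdict plus the dashboards actually listed,
    so a reviewer can tell an empty listing from real exposure.
    """
    result = {"matched": word_match(body), "exposed": [], "note": ""}
    if not result["matched"]:
        result["note"] = "matcher words absent"
        return result
    try:
        data = json.loads(body)
    except ValueError:
        result["note"] = "words present but body is not JSON; review manually"
        return result
    boards = data.get("dashboards") if isinstance(data, dict) else None
    if not isinstance(boards, list):
        result["note"] = "words present but no dashboards array"
        return result
    # Assumed entry fields: "id" and "name".
    result["exposed"] = [(b.get("id"), b.get("name")) for b in boards if isinstance(b, dict)]
    result["note"] = "review sharing on listed dashboards" if result["exposed"] else "listing is empty"
    return result


# Constructed sample bodies (not captured from a real instance).
SAMPLE_LISTING = json.dumps({"startAt": 0, "maxResults": 100, "total": 2, "dashboards": [
    {"id": "10000", "name": "System Dashboard"},
    {"id": "10214", "name": "Release tracking"}]})
SAMPLE_EMPTY = json.dumps({"startAt": 0, "maxResults": 100, "total": 0, "dashboards": []})
SAMPLE_HTML = "<html><body>Docs: dashboards, startAt, maxResults</body></html>"
SAMPLE_DENIED = json.dumps({"errorMessages": ["You are not authenticated."], "errors": {}})

if __name__ == "__main__":
    for name, body in [("listing", SAMPLE_LISTING), ("empty", SAMPLE_EMPTY),
                       ("html", SAMPLE_HTML), ("denied", SAMPLE_DENIED)]:
        print(name, triage(body))
```

Administrators can feed `triage` the body their own instance returns to an anonymous request and use the listed names to decide which dashboard shares to restrict.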

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /rest/api/2/dashboar...
   Matching conditions: word: dashboards, startAt, maxResults

Passive global matcher: No matching conditions.

On match action: Report vulnerability