CVE-2020-14179 PoC — Atlassian Jira 信息泄露漏洞

Source

https://github.com/c0brabaghdad1/CVE-2020-14179

Associated Vulnerability

Title:Atlassian Jira 信息泄露漏洞 (CVE-2020-14179)
Description:Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira 存在安全漏洞。该漏洞源于Jira Server and Data Center允许远程、未经身份验证的攻击者通过/secure/QueryComponent!Default中的一个信息泄露漏洞查看定制字段名和定制SLA名。以下是受影响的产品及版本：8.5.8版本之前，8.6.0版本至8.11.1版本。

Description

CVE-2020-14179 Scanner

Readme

# CVE-2020-14179 Scanner

Sample scan (./CVE-2020-14179.pl -u jira.atlassian.com ) OR (./CVE-2020-14179.pl -u https://jira.atlassian.com )
![Sample](https://github.com/c0brabaghdad1/CVE-2020-14179/blob/master/images/url.png)

List scan (./CVE-2020-14179.pl -l list.txt)
![list](https://github.com/c0brabaghdad1/CVE-2020-14179/blob/master/images/list.png)

Show Options (./CVE-2020-14179.pl)
![Options](https://github.com/c0brabaghdad1/CVE-2020-14179/blob/master/images/options.png)

# How to install and use (* linux)
* git clone https://github.com/c0brabaghdad1/CVE-2020-14179.git
* cd CVE-2020-14179
* chmod +x CVE-2020-14179.pl 
* (./CVE-2020-14179.pl -u https://target.tld) OR (./CVE-2020-14179.pl -u target.tld)
* ./CVE-2020-14179.pl -l list.txt

File Snapshot


 [4.0K]  /data/pocs/6720734240a7c2bcd95ece31fb34d3a3e791af15
├── [2.1K]  CVE-2020-14179.pl
├── [4.0K]  images
│   ├── [ 42K]  list1.png
│   ├── [ 38K]  options.png
│   └── [ 25K]  url.png
└── [ 752]  README.md

1 directory, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!