Headline
CVE-2022-38367: Netic User Export for Jira before 2.0.6 does not perform authorization checks
Description
The Netic User Export add-on before 2.0.6 for Atlassian Jira
does not perform authorization checks. This might allow an unauthenticated user to
export all users from Jira by making an HTTP request to the affected endpoint.
------------------------------------------
Additional Information
After the issue was disclosed to the maintainers, the vulnerability was patched and older versions
of the app are no longer available on the Atlassian Marketplace. However, there might still be
Jira instances that have not updated the vulnerable app.
------------------------------------------
Vulnerability Type
Incorrect Access Control
------------------------------------------
Vendor of Product
Atlassian
------------------------------------------
Affected Product Code Base
User Export for Jira < 2.0.6
------------------------------------------
Affected Component
User Export for Jira - https://marketplace.atlassian.com/apps/1220535/user-export-for-jira
------------------------------------------
Attack Type
Remote
------------------------------------------
Impact Information Disclosure
true
------------------------------------------
Attack Vectors
To exploit the vulnerability, a Jira instance must have the User Export for Jira app installed.
An unauthenticated attacker can then make an HTTP request to the affected endpoint and export the users
from Jira. Afterwards, the attacker could use the exported user list for a password spraying/brute-force attack.
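As an added illustration of the bug class described above and in the Description (this is not the Netic add-on's code), a Jira REST resource in the shape that exposes a user export to anonymous callers, beside a hardened version that checks the caller and their global permission; the resource paths, class names and the UserExportService helper are assumptions, while the Jira and Atlassian REST APIs used are real.

```java
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;
import com.atlassian.jira.permission.GlobalPermissionKey;
import com.atlassian.jira.security.GlobalPermissionManager;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
// Hypothetical helper standing in for whatever builds the export payload.
interface UserExportService {
    String exportAllUsers();
}

@Path("/users")
public class UserExportResource {
    private final JiraAuthenticationContext authContext;
    private final GlobalPermissionManager permissions;
    private final UserExportService exportService;
    public UserExportResource(JiraAuthenticationContext authContext,
                              GlobalPermissionManager permissions,
                              UserExportService exportService) {
        this.authContext = authContext;
        this.permissions = permissions;
        this.exportService = exportService;
    }

    // Vulnerable shape: @AnonymousAllowed switches off the REST module's default
    // login requirement and nothing else gates the export, so anyone gets the list.
    @GET
    @Path("/export-unchecked")
    @AnonymousAllowed
    public Response exportUnchecked() {
        return Response.ok(exportService.exportAllUsers()).build();
    }

    // Hardened shape: require a logged-in caller plus the ADMINISTER global
    // permission; 401 vs 403 keeps anonymous and non-admin attempts apart in logs.
    @GET
    @Path("/export")
    public Response export() {
        ApplicationUser caller = authContext.getLoggedInUser();
        if (caller == null) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        if (!permissions.hasPermission(GlobalPermissionKey.ADMINISTER, caller)) {
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        return Response.ok(exportService.exportAllUsers()).build();
    }
}
```

For detection on an instance that cannot yet be updated, the same distinction helps: anonymous requests to an export endpoint that return 200 rather than 401 are the signal to look for in the Jira access log.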
------------------------------------------
Has vendor confirmed or acknowledged the vulnerability?
true
------------------------------------------
Reference
https://marketplace.atlassian.com/apps/1220535/user-export-for-jira