H3-2022-0013¶

Unauthenticated Access to Jira Projects

Description¶

A possible misconfiguration in Jira application settings allows unauthenticated users to see some projects.

Impact¶

Depending on the content of the projects they may contain sensitive data that should not be made public.

References¶

• Jira: Control anonymous user access
• MITRE ATT&CK Technique: T1213: Data from Information Repositories