Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Vulnerability in Jira Is Fixed Which Enabled Attackers to Obtain Sensitive User Data

Positive Technologies expert Mikhail Klyuchnikov has discovered a vulnerability in Jira, a popular system for bug tracking, interaction with users, and project management. The vulnerability enables attackers to obtain sensitive information of users. Products by Atlassian, the Jira developer, are used by 170,000 clients in over 190 countries, 83 per cent of those clients are included in the Fortune Global 500. The vulnerability has been fixed.

Recommended AI News: Contour and Mphasis Partner to Accelerate the Digital Transformation of global Trade Finance

Mikhail Klyuchnikov, Senior Security Researcher at Positive Technologies said: “Such vulnerabilities help attackers to significantly save time in their attempts to breach systems: they make it possible to determine the presence of an account with a particular login in the system. By bruteforcing various logins, attackers can identify which users are present in the system. If a login exists, the system discloses the user’s personal data (in cases where such data is present), and if a login is not found, the system reports it. After bruteforcing the existing logins, the attackers could go on to bruteforce the passwords of each existing user. Without this vulnerability, attackers would have to haphazardly bruteforce the passwords to logins which might not exist in the system. The vulnerability reduces the time hackers would need and decreases the probability of being detected, which, ultimately, makes the target less attractive for attackers. That’s why we strongly recommend installing the updates.”

Related Posts
1 of 21,934

Recommended AI News: Schneider Electric Solar Expands Its Energy Management Ecosystem with New Smart Edge Devices

This vulnerability has a medium severity level. The error occurs because any unauthorized user can access a specific script. This flaw has been found in Jira Server and Data Center. To remediate the vulnerability, the company has released updates. The error has been fixed in product versions 7.13.6, 8.5.7, and 8.12.0.

Recommended AI News: Output Announces $45 Million Series A Investment From Summit Partners

Leave A Reply

Your email address will not be published.