QID 731295

Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.

Affected Versions:
Atlassian Jira Software versions 9.12.0 to 9.12.2
Atlassian Jira Software versions 9.11.0 to 9.11.3
Atlassian Jira Software versions 9.10.0 to 9.10.2
Atlassian Jira Software versions 9.9.0 to 9.9.2
Atlassian Jira Software versions 9.8.0 to 9.8.2
Atlassian Jira Software versions 9.7.0 to 9.7.2
Atlassian Jira Software versions 9.6.0
Atlassian Jira Software versions 9.5.0 to 9.5.1
Atlassian Jira Software versions 9.4.0 to 9.4.15
Atlassian Jira Software versions 9.3.0 to 9.3.3
Atlassian Jira Software versions 9.2.0 to 9.2.1
Atlassian Jira Software versions 9.1.0 to 9.1.1
Atlassian Jira Software versions 9.0.0
Atlassian Jira Software versions 8.22.x
Atlassian Jira Software versions 8.20.x

QID detection Logic: (Unauthenticated)
The QID sends a HTTP GET request to secure/Dashboard.jspa to check the vulnerable version of the products.

Successful exploitation of this vulnerability allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has no impact to confidentiality, no impact to integrity, high impact to availability, and requires no user interaction leading to denial of service.