Skip to content
/ JiraVulChecker Public

Using this tool you can simply check common vulnerabilities on your target Jira server

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rezasarvani/JiraVulChecker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
jiravulchecker.py
jiravulchecker.py
 
 

Repository files navigation

JiraVulChecker

Using this tool you can simply check common vulnerabilities on your target jira server

Vulnerability List

This tool will check for below vulnerabilities:

Index Technique
1 CVE-2020-14179 (Information Disclosure)
2 CVE-2020-14181 (User Enumeration)
3 CVE-2020-14178 (Project Key Enumeration)
4 CVE-2019-3402 (XSS)
5 CVE-2019-11581 (SSTI)
6 CVE-2019-3396 (Path Traversal)
7 CVE-2019-8451 (SSRF)
8 CVE-2019-8449 (User Information Disclosure)
9 CVE-2019-3403 (User Enumeration)
10 CVE-2019-8442 (Sensitive Information Disclosure)

Prerequisites

python3.6+
'requests' module --> python -m pip install requests

Tool Switches

Switch Description
-u Your Target Domain. Ex: http(s)://example.tld
-c In order to check for CVE-2019-11581, you need to pass your JIRA session cookie to this switch
-s In order to check for CVE-2019-8451, you need to pass your own server to this switch. For example your burpcollaborator address (without any https(s))

Examples

python jiravulchecker.py -u "https://jira.example.tld"
python jiravulchecker.py -u "https://jira.example.tld" -c "D56D6AB0F83239B668101A23C84A68C6"
python jiravulchecker.py -u "https://jira.example.tld" -s "efxvmbbmoel8hq6up6mtnue04ot.burpcollaborator.net"

About

Using this tool you can simply check common vulnerabilities on your target Jira server

Topics

python jira poc vulnerability cve

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages