CVE-2022-39960
Published 2022-09-17
Priority: P279 · medium · 5.3 (CVSS 3.1)
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ITW exploit · VulnCheck KEV
Exploited in the wild
EPSS: 25.68% (97.7th percentile)
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netic | group_export | < 1.0.3 | 1.0.3 |
Detection & IOCs (extracted from sources)
- Look for unauthenticated POST requests to /plugins/servlet/groupexportforjira/admin/json with the parameter groupexport_download=true in the body.
- A successful exploitation response will contain both 'jiraGroupObjects' and 'groupName' in the response body, and the response header will include 'attachment' and 'jira-group-export', with HTTP status 200.
- Use Shodan queries for exposed Atlassian Jira instances as a reconnaissance pivot to identify potentially vulnerable targets.
- The vulnerability affects only the Netic Group Export add-on versions before 1.0.3 for Atlassian Jira; the core Jira product itself is not vulnerable.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| vulncheck | | 5.3 | MEDIUM | |
GHSA
GHSA-cqfw-25xq-3wvj · ghsa_unreviewed · 2022-09-18 · CVE-2022-39960 [MEDIUM] · CWE-862
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.
VulnCheck
netic group_export Missing Authorization · vulncheck · 2022 · CVSS 5.3 · CVE-2022-39960 [MEDIUM]
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.
Affected: netic group_export
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References:
- https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2023-11-13&host_type=src&vulnerability=cve-2022-39960
- https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2023-12-05&host_type=src&vulnerability=cve-2022-39
No detection rules found.
Nuclei
Jira Netic Group Export <1.0.3 - Missing Authorization · nuclei · CVSS 5.3 · CVE-2022-39960 [MEDIUM]
Jira Netic Group Export add-on before 1.0.3 contains a missing authorization vulnerability. The add-on does not perform authorization checks, which can allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI and thereby potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
Template:
```yaml
id: CVE-2022-39960
info:
  name: Jira Netic Group Export <1.0.3 - Missing Authorization
  author: For3stCo1d
  severity: medium
  description: |
    Jira Netic Group Export add-on before 1.0.3 contains a missing authorization vulnerability. The add-on does not perform authorization checks, which can allow an una
```
No writeups or analysis indexed.