Multiple vulnerabilities in Infosysta In-App & Desktop Notifications for Jira
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2019-16906 CVE-2019-16909 CVE-2019-16908 CVE-2019-16907 |
| CWE-ID | CWE-287 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #4 is available. |
| Vulnerable software Subscribe |
In-App & Desktop Notifications Web applications / Modules and components for CMS |
| Vendor | Infosysta |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Improper Authentication
EUVDB-ID: #VU22519
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-16906
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in the "/plugins/servlet/nfj/PushNotification?username=" URL. A remote attacker can modify the username, bypass authentication process and gain unauthorized read access to a different user's notifications.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIn-App & Desktop Notifications: 1.6.13_J8
External linkshttp://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-041.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Improper Authentication
EUVDB-ID: #VU22521
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-16909
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass authentication process.
The vulnerability exists due to an error in the "plugins/servlet/nfj/NotificationSettings" URI. A remote authenticated user without authorization for specific projects can bypass authentication process and obtain a list of all Jira projects.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIn-App & Desktop Notifications: 1.6.13_J8
External linkshttp://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-042.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Improper Authentication
EUVDB-ID: #VU22520
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-16908
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in the "plugins/servlet/nfj/ProjectFilter?searchQuery=" URI. A remote attacker can bypass authentication process and obtain a list of all Jira projects.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIn-App & Desktop Notifications: 1.6.13_J8
External linkshttp://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-042.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) Improper Authentication
EUVDB-ID: #VU22518
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-16907
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in the "plugins/servlet/nfj/UserFilter?searchQuery=@" URI. A remote attacker can bypass authentication process and obtain a list of all valid Jira usernames.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIn-App & Desktop Notifications: 1.6.13_J8
External linkshttp://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-043.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
