'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app:atlassian_jira_webroot_infomation_disclosure_vulnerability(Rule ID:1070210334)

Release Date2025/9/15

Rule NameCVE-2019-8442:Atlassian Jira Webroot Information Disclosure Vulnerability

Severity:mid

CVE IDCVE-2019-8442

 

Descripiton

Jira is a defect tracking management system developed by Atlassian, an Australian company. This system is mainly used for tracking and managing various problems and defects in work. The CachingResourceDownloadRewriteRule class in Atlassian Jira before 7.13.4, 8.0.4, and 8.1.1 has a security vulnerability. Remote attackers can exploit this vulnerability to access files in Jira webroot. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.