'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app:atlassian_jira_server_information_disclosure_vulnerability(Rule ID:1070210487)

Release Date2025/9/15

Rule NameCVE-2020-14179:Atlassian Jira Server Information Disclosure Vulnerability

Severity:high

CVE IDCVE-2020-14179

 

Descripiton

Atlassian Jira is a defect tracking and management system of Atlassian Company in Australia. This system is mainly used for tracking and managing various problems and defects in the work. This vulnerability stems from the fact that Jira Server and Data Center allows remote, unauthenticated attackers to access /secure/QueryComponent! Check the custom field name and custom SLA name for an information leakage vulnerability in Default. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.