NASA Web App Leaked Employee Data

NASA Web App Leaked Employee Data

https://medium.com/@logicbomb_1/bugbounty-nasa-internal-user-and-project-details-are-out-2f2e3580421b

A NASA web app leaked details such as employee usernames, names, email addresses, and project names, ZDNet reported, citing bug hunter Avinash Jain.

The exposure originated from one of NASA's Jira installations, a web app that most companies use for tracking projects or internal bugs and issues.

“One of the biggest concerns of any company is ensuring that internal information is kept confidential and only available to specific individuals within and outside of an organization,” Jain’s report stated.

“There are a couple of settings in Jira that, when not configured properly, may disclose information about the application and its users and it can provide unauthorized access to some internal data of the companies to any other user over the internet. This information may aid an attacker in gaining access to the application,” the report added.

You might be interested also

The Iron Dome System. Credit: Rafael’s Spokesperson’s Office

Rafael Ends 2023 With Record NIS 14 Billion in Sales

The company also saw a net profit of NIS 588 million and a record in new orders, amounting to NIS 30 billion. It has been working intensively during the ongoing Swords of Iron War