Hi Community,
As you probably know JIRA is suffering because of CVE-2019-3403 vulnerability also known as usernames enumeration. See more details under https://nvd.nist.gov/vuln/detail/CVE-2019-3403.
Seems like the latest JIRA Server version is still vulnerable on this CVE even though the previous versions were patched (https://jira.atlassian.com/browse/JRASERVER-69242).
As I know from Atlassian Customer Support there is no fix for this as for now and neither there is no workaround on this.
Anybody suffering because of this CVE ? Are there any know workarounds to mitigate the risk?