As you probably know JIRA is suffering because of CVE-2019-3403 vulnerability also known as usernames enumeration. See more details under https://nvd.nist.gov/vuln/detail/CVE-2019-3403.
Seems like the latest JIRA Server version is still vulnerable on this CVE even though the previous versions were patched (https://jira.atlassian.com/browse/JRASERVER-69242).
As I know from Atlassian Customer Support there is no fix for this as for now and neither there is no workaround on this.
Anybody suffering because of this CVE ? Are there any know workarounds to mitigate the risk?
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events