Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product’s SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics.
The affected versions are before version 4.8.4.
Affected versions:
Fixed versions: