logo
DATABASE RESOURCES PRICING ABOUT US

SEN disclosure via HTTP Response headers - CVE-2020-14183

Description

Affected versions of Jira Server & Data Center allow a remote attacker with limited (non-admin) privileges to view a Jira instance's Support Entitlement Number (SEN) via an Information Disclosure vulnerability in the HTTP Response headers. *Affected versions:* * version < 7.13.18 * 8.0.0 ≤ version < 8.5.9 * 8.6.0 ≤ version < 8.12.1 *Fixed versions:* * 7.13.18 * 8.5.9 * 8.12.1 * 8.13.0 * 8.14.0


Affected Software


CPE Name Name Version
jira server and data center 6.4.1
jira server and data center 8.12.1
jira server and data center 8.13.0
jira server and data center 7.13.18
jira server and data center 8.5.9
jira server and data center 8.14.0

Related