Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2019-15004
HistoryNov 07, 2019 - 12:00 a.m.

CVE-2019-15004

2019-11-0700:00:00
atlassian
raw.githubusercontent.com

7.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability. Note that when the ‘Anyone can email the service desk or raise a request in the portal’ setting is enabled, an attacker can grant themselves portal access, allowing them to exploit the vulnerability.

Related

cve 1
prion 1
symantec 1
atlassian 6
cve
cve
CVE-2019-15004
2019-11-07 04:15:00
prion
prion
Path traversal
2019-11-07 04:15:00
symantec
symantec
Atlassian Jira Service Desk Server and Data Center Multiple Security Vulnerabilities
2019-11-06 00:00:00
atlassian
atlassian
URL path traversal allows information disclosure - CVE-2019-15004
2019-10-11 03:12:10
Authorization bypass allows information disclosure - CVE-2019-15003
2019-10-11 03:21:44
URL path traversal allows information disclosure - CVE-2019-15004
2019-10-11 03:12:10

7.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON
Related for CVELIST:CVE-2019-15004
cve1prion1symantec1atlassian6