Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2019-20409
HistoryJun 23, 2020 - 12:00 a.m.

CVE-2019-20409

2020-06-2300:00:00
atlassian
www.cve.org

10 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.9%

JSON

The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a server side template injection vulnerability.

CNA Affected

[
  {
    "product": "Jira Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "8.8.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

nvd 1
cve 1
prion 1
atlassian 4
nvd
nvd
CVE-2019-20409
2020-06-23 06:15:11
cve
cve
CVE-2019-20409
2020-06-23 06:15:11
prion
prion
Design/Logic Flaw
2020-06-23 06:15:00
atlassian
atlassian
Template injection in Web Resources Manager - CVE-2020-14172
2020-04-21 22:27:59
Template injection in Web Resources Manager - CVE-2020-14172
2020-04-21 22:27:59
Make use of Secure Introspector in Velocity Templates - CVE-2019-20409
2020-04-22 01:53:30

10 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.9%

JSON
Related for CVELIST:CVE-2019-20409
nvd1cve1prion1atlassian4