CVE-2019-20898

2020-04-2200:00:00

atlassian

www.cve.org

7.3 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

86.2%

JSON

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.

CNA Affected

[
  {
    "product": "Jira Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "8.8.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

jira.atlassian.com/browse/JRASERVER-70942