Lucene search
AtlassianCVELIST:CVE-2020-14178HistorySep 01, 2020 - 12:00 a.m.
CVE-2020-14178
2020-09-0100:00:00
atlassian
www.cve.org
0.018 Low
EPSS
Percentile
88.1%
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the /browse.PROJECTKEY endpoint. The affected versions are before version 7.13.7, from version 8.0.0 before 8.5.8, and from version 8.6.0 before 8.12.0.
CNA Affected
[
{
"product": "Jira Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.13.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
},
{
"lessThan": "8.5.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.12.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
Project enumeration through /browse.PROJECTKEY - CVE-2020-14178
2020-08-31 21:25:15
Project enumeration through /browse.PROJECTKEY - CVE-2020-14178
2020-08-31 21:25:15
nvd
nvd
CVE-2020-14178
2020-09-01 05:15:10
cve
cve
CVE-2020-14178
2020-09-01 05:15:10
prion
prion
Information disclosure
2020-09-01 05:15:00