Lucene search
AtlassianCVELIST:CVE-2020-14185HistoryOct 05, 2020 - 12:00 a.m.
CVE-2020-14185
2020-10-0500:00:00
atlassian
www.cve.org
Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. The affected versions are before 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before version 8.12.2.
CNA Affected
[
{
"product": "Jira Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.13.18",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.12.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Code injection
2020-10-15 22:15:00
nvd
nvd
CVE-2020-14185
2020-10-15 22:15:11
nessus
nessus
cve
cve
CVE-2020-14185
2020-10-15 22:15:11
atlassian
atlassian
Unauthenticated user can Enumerate Issue Keys - CVE-2020-14185
2020-10-14 03:41:52
Unauthenticated user can Enumerate Issue Keys - CVE-2020-14185
2020-10-14 03:41:52