Lucene search
AtlassianCVELIST:CVE-2020-36231HistoryJan 21, 2021 - 12:00 a.m.
CVE-2020-36231
2021-01-2100:00:00
atlassian
www.cve.org
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2.
CNA Affected
[
{
"product": "Jira Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "8.5.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.13.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Jira Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "8.5.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.13.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
Board metadata is viewable without permissions via IDOR - CVE-2020-36231
2021-01-20 01:40:19
Board metadata is viewable without permissions via IDOR - CVE-2020-36231
2021-01-20 01:40:19
cve
cve
CVE-2020-36231
2021-02-02 00:15:12
nessus
nessus
prion
prion
Spoofing
2021-02-02 00:15:00
nvd
nvd
CVE-2020-36231
2021-02-02 00:15:12