Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2020-36237
HistoryFeb 04, 2021 - 12:00 a.m.

CVE-2020-36237

2021-02-0400:00:00
atlassian
www.cve.org

5.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.5%

JSON

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0.

CNA Affected

[
  {
    "product": "Jira Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "8.15.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Jira Data Center",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "8.15.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
cve 1
atlassian 2
nvd 1
prion
prion
Information disclosure
2021-02-15 00:15:00
cve
cve
CVE-2020-36237
2021-02-15 00:15:12
atlassian
atlassian
Custom field options are exposed via an unauthenticated REST API endpoint - CVE-2020-36237
2021-02-04 01:15:18
Custom field options are exposed via an unauthenticated REST API endpoint - CVE-2020-36237
2021-02-04 01:15:18
nvd
nvd
CVE-2020-36237
2021-02-15 00:15:12

5.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.5%

JSON
Related for CVELIST:CVE-2020-36237
prion1cve1atlassian2nvd1