Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_113752HistoryMar 14, 2023 - 12:00 a.m.
Atlassian Jira 8.5.0 < 8.5.5 Multiple Vulnerabilities
2023-03-1400:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
atlassian jira
vulnerabilities
remote attackers
smtp server
man-in-the-middle
denial of service
dashboard & gadgets
0.005 Low
EPSS
Percentile
75.9%
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.7. It is, therefore, affected by multiple vulnerabilities:
-
A vulnerability which permits remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability (CVE-2020-14168).
-
A flaw which permits remote attackers to impact the application’s availability via a Denial of Service (DoS) vulnerability in Dashboard & Gadgets (CVE-2020-14167).
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source dataRelated
nessus
nessus
Atlassian Jira 8.9.x < 8.9.1 Multiple Vulnerabilities.
2023-03-14 00:00:00
Atlassian Jira 8.8.0 < 8.8.2 Multiple Vulnerabilities
2023-03-14 00:00:00
Atlassian Jira < 7.13.14 Multiple Vulnerabilities
2023-03-14 00:00:00
nvd
nvd
CVE-2020-14168
2020-07-01 02:15:11
CVE-2020-14167
2020-07-01 02:15:11
prion
prion
Security feature bypass
2020-07-01 02:15:00
Denial of service
2020-07-01 02:15:00
atlassian
atlassian
Man-in-the-middle in Jira email client - CVE-2020-14168
2020-06-18 02:44:46
Man-in-the-middle in Jira email client - CVE-2020-14168
2020-06-18 02:44:46
Denial of service in Dashboard & Gadgets - CVE-2020-14167
2020-06-18 02:44:27
cve
cve
CVE-2020-14168
2020-07-01 02:15:11
CVE-2020-14167
2020-07-01 02:15:11
cvelist
cvelist
CVE-2020-14168
2020-07-01 00:00:00
CVE-2020-14167
2020-07-01 00:00:00