Lucene search
K

13 matches found

Nuclei
Nuclei
added yesterday80 views

Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. id: CVE-2020-29453 info: name: Jira Server Pre-Auth - Arbitrary File...

5.3CVSS6.2AI score0.23086EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2023/11/17 12:0 a.m.2 views

VulnCheck KEV: CVE-2019-8442

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check...

7.5CVSS7.2AI score0.59832EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/03/14 12:0 a.m.40 views

Atlassian Jira 8.0.0 < 8.0.4 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.4, 8.0.0 prior to 8.0.4 or 8.1.0 prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers w...

8.1CVSS6.5AI score0.59832EPSS
Exploits2References6
BDU FSTEC
BDU FSTEC
added 2023/01/31 12:0 a.m.4 views

The vulnerability of the CachingResourceDownloadRewriteRule implementation in the Jira bug tracking system allows a hacker to access files in the root directory.

The vulnerability of the CachingResourceDownloadRewriteRule implementation in the Jira bug tracking system is related to an incorrect limitation on the path to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to gain access to files in the root director...

7.8CVSS7.2AI score0.59832EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2021/02/22 9:15 p.m.18 views

CVE-2020-29453

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access che...

5.3CVSS0.23086EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/18 3:9 p.m.24 views

CVE-2020-29453

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access che...

5.5AI score0.23086EPSS
Exploits0References1
Atlassian
Atlassian
added 2021/01/21 5:58 p.m.40 views

Pre-Authorization Limited Arbitrary File Read in Jira Server - CVE-2020-29453

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. h3. Affected versions: version 8.5.11 8.6.0 ≤ version 8.13.3 8.14.0 ≤ versi...

5.3CVSS5.6AI score0.23086EPSS
Exploits0
Atlassian
Atlassian
added 2021/01/21 5:58 p.m.120 views

Pre-Authorization Limited Arbitrary File Read in Jira Server - CVE-2020-29453

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. h3. Affected versions: version 8.5.11 8.6.0 ≤ version 8.13.3 8.14.0 ≤ versi...

5.3CVSS5.7AI score0.23086EPSS
Exploits0Affected Software1
NVD
NVD
added 2019/05/22 6:29 p.m.24 views

CVE-2019-8442

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check...

7.5CVSS7.4AI score0.59832EPSS
Exploits1References2
Prion
Prion
added 2019/05/22 6:29 p.m.21 views

Design/Logic Flaw

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check...

5CVSS7.4AI score0.59832EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2019/05/22 5:39 p.m.38 views

CVE-2019-8442

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check...

7.4AI score0.59832EPSS
Exploits1References2
Atlassian
Atlassian
added 2019/04/29 3:50 a.m.179 views

Lax path access check allowing access to webroot files in the META-INF directory in the CachingResourceDownloadRewriteRule class - CVE-2019-8442

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check...

7.5CVSS6AI score0.59832EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2019/04/29 3:50 a.m.45 views

Lax path access check allowing access to webroot files in the META-INF directory in the CachingResourceDownloadRewriteRule class - CVE-2019-8442

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check...

7.5CVSS7.3AI score0.59832EPSS
Exploits1
Rows per page
Query Builder