2 matches found
Atlassian Jira 8.2 < 8.5.4 Support Files Improper Authorization Vulnerability (JRASERVER-70564)
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 8.2.x prior to 8.5.4. It is, therefore, affected by an improper authorization vulnerability. Support zip files could be downloaded by a system administrator user without...
CVE-2019-20402
Affected product: Atlassian Jira Server and Data Center. Vulnerability: improper authorization allows a System Administrator to download Support zip files without re-entering a password. Affected versions: Jira Server/Data Center before 8.6.0. Impact: potential unauthorized access to support file...