Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.30 views

Atlassian JIRA < 8.6.1 Information Disclosure

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is before 8.6.1. It is, therefore, affected by a missing authorization check that allows an authenticated remote attacker to view release version information in projects that they do not...

4.3CVSS5.3AI score0.01198EPSS
Exploits0References2
NVD
NVD
added 2020/03/17 3:15 a.m.28 views

CVE-2019-20407

The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote attackers to view release version information in projects that they do not have access to through an missing authorisation check...

4.3CVSS4.4AI score0.01198EPSS
Exploits0References1
CVE
CVE
added 2020/03/17 3:10 a.m.96 views

CVE-2019-20407

CVE-2019-20407 affects Jira Software and Jira Software Data Center (ConfigureBambooRelease resource) prior to version 8.6.1. An authenticated remote attacker can view release version information in projects to which they should not have access due to a missing authorization check. The issue is do...

4.3CVSS4.4AI score0.01198EPSS
Exploits0References1Affected Software2
Atlassian
Atlassian
added 2020/02/04 11:21 p.m.28 views

Information leak through broken access control in Jira Server and Data Center - CVE-2019-20407

The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote attackers to view release version information in projects that they do not have access to through an missing authorisation check...

4.3CVSS4.9AI score0.01198EPSS
Exploits0
Atlassian
Atlassian
added 2020/02/04 11:21 p.m.42 views

Information leak through broken access control in Jira Server and Data Center - CVE-2019-20407

The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote attackers to view release version information in projects that they do not have access to through an missing authorisation check...

4.3CVSS5.6AI score0.01198EPSS
Exploits0Affected Software1
Rows per page
Query Builder