6.5

CVE-2019-20410

EPSS 0.53%
Veröffentlicht 29.06.2020 06:15:10
Zuletzt bearbeitet 21.11.2024 04:38:24
Quelle security@atlassian.com
CVE-Watchlists
Login
Unerledigt
Login

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The affected versions are before version 7.6.17, from version 7.7.0 before 7.13.9, and from version 8.0.0 before 8.4.2.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Atlassian ≫ Jira Version < 7.6.17

Atlassian ≫ Jira Data Center Version >= 7.7.0 < 7.13.9

Atlassian ≫ Jira Data Center Version >= 8.0.0 < 8.4.2

Atlassian ≫ Jira Server Version >= 7.7.0 < 7.13.9

Atlassian ≫ Jira Server Version >= 8.0.0 < 8.4.2

Atlassian ≫ Jira Software Data Center Version < 7.6.17

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.53%	0.664

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

https://jira.atlassian.com/browse/JRASERVER-70884

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-20410

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-20410

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-20410

EUVD