5.3
CVE-2020-14165
- EPSS 0.3%
- Veröffentlicht 01.07.2020 02:15:11
- Zuletzt bearbeitet 21.11.2024 05:02:47
- Quelle security@atlassian.com
- CVE-Watchlists
- Unerledigt
LoginThe UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 allows remote attackers to obtain information about custom project avatars names via an Improper authorization vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Atlassian ≫ Jira Software Data Center Version < 8.9.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.5 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|