Lucene search
Security-metrics-botATLASSIAN:JRASERVER-71696HistoryOct 14, 2020 - 3:41 a.m.
Unauthenticated user can Enumerate Issue Keys - CVE-2020-14185
2020-10-1403:41:52
security-metrics-bot
jira.atlassian.com
30
EPSS
0.002
Percentile
61.0%
Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource.
The affected versions are before 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before version 8.12.2.
Affected versions:
- version < 7.13.18
- 8.0.0 ≤ version < 7.13.18
- 8.6.0 ≤ version < 8.12.2
Fixed versions:
- 7.13.18
- 8.5.9
- 8.12.2
Related
atlassian
atlassian
cvelist
cvelist
CVE-2020-14185
2020-10-05 00:00:00
CVE-2021-26069
2021-01-21 00:00:00
cve
cve
CVE-2020-14185
2020-10-15 22:15:11
CVE-2021-26069
2021-03-22 05:15:12
nvd
nvd
CVE-2020-14185
2020-10-15 22:15:11
CVE-2021-26069
2021-03-22 05:15:12
prion
prion
Information disclosure
2021-03-22 05:15:00
Code injection
2020-10-15 22:15:00
nessus
nessus
Atlassian JIRA < 7.13.18 / 8.x < 8.5.9 / 8.6.x < 8.12.2 Information Disclosure (JRASERVER-71696)
2020-10-22 00:00:00
Atlassian Jira < 8.5.11 Multiple Vulnerabilities
2021-07-02 00:00:00
Atlassian Jira 8.14.x < 8.15.0 Multiple Vulnerabilities
2021-07-02 00:00:00
cnvd
cnvd