Lucene search
Security-metrics-botATLASSIAN:JRASERVER-72010HistoryJan 21, 2021 - 9:12 a.m.
Unauthenticated information leakage of temporary files and project keys - CVE-2021-26069
2021-01-2109:12:40
security-metrics-bot
jira.atlassian.com
18
atlassian jira server
data center
information disclosure
EPSS
0.002
Percentile
61.0%
Affected versions of Atlassian Jira Server and Data Centerย allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in theย /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint.
The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.
Affected versions:
- version < 8.5.11
- 8.6.0 โค version < 8.13.3
- 8.14.0 โค version < 8.15.0
Fixed versions:
- 8.5.11
- 8.13.3
- 8.15.0
Related
atlassian
atlassian
Unauthenticated user can Enumerate Issue Keys - CVE-2020-14185
2020-10-14 03:41:52
Unauthenticated user can Enumerate Issue Keys - CVE-2020-14185
2020-10-14 03:41:52
cvelist
cvelist
CVE-2020-14185
2020-10-05 00:00:00
CVE-2021-26069
2021-01-21 00:00:00
cve
cve
CVE-2020-14185
2020-10-15 22:15:11
CVE-2021-26069
2021-03-22 05:15:12
nvd
nvd
CVE-2020-14185
2020-10-15 22:15:11
CVE-2021-26069
2021-03-22 05:15:12
prion
prion
Information disclosure
2021-03-22 05:15:00
Code injection
2020-10-15 22:15:00
nessus
nessus
Atlassian JIRA < 7.13.18 / 8.x < 8.5.9 / 8.6.x < 8.12.2 Information Disclosure (JRASERVER-71696)
2020-10-22 00:00:00
Atlassian Jira < 8.5.11 Multiple Vulnerabilities
2021-07-02 00:00:00
Atlassian Jira 8.14.x < 8.15.0 Multiple Vulnerabilities
2021-07-02 00:00:00
cnvd
cnvd