Lucene search
AtlassianCVELIST:CVE-2019-14997HistorySep 11, 2019 - 1:56 p.m.
CVE-2019-14997
2019-09-1113:56:26
CWE-524
atlassian
www.cve.org
7
The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN.
CNA Affected
[
{
"product": "Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "8.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
CDN caching can lead to leak of user information - CVE-2019-14997
2019-08-12 02:46:41
CDN caching can lead to leak of user information - CVE-2019-14997
2019-08-12 02:46:41
prion
prion
Authentication flaw
2019-09-11 14:15:00
cve
cve
CVE-2019-14997
2019-09-11 14:15:11
nvd
nvd
CVE-2019-14997
2019-09-11 14:15:11
nessus
nessus
Atlassian JIRA < 8.4.0 Multiple Vulnerabilities
2019-09-20 00:00:00
Atlassian Jira < 8.4.0 Multiple Vulnerabilities
2019-10-09 00:00:00