Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2022-36800
HistoryAug 03, 2022 - 2:20 a.m.

CVE-2022-36800

2022-08-0302:20:31
atlassian
www.cve.org
3
atlassian
jira
information disclosure

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

35.3%

JSON

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the “Browse Users” permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2.

CNA Affected

[
  {
    "product": "Jira Service Management Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "4.22.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Jira Service Management Data Center",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "4.22.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
atlassian 1
nvd 1
cve 1
prion
prion
Information disclosure
2022-08-03 03:15:00
atlassian
atlassian
User without "Browse Users" permission can view groups - CVE-2022-36800
2022-07-27 01:53:20
nvd
nvd
CVE-2022-36800
2022-08-03 03:15:08
cve
cve
CVE-2022-36800
2022-08-03 03:15:08

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

35.3%

JSON
Related for CVELIST:CVE-2022-36800
prion1atlassian1nvd1cve1