Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-14181
HistorySep 17, 2020 - 1:15 a.m.

CVE-2020-14181

2020-09-1701:15:11
CWE-200
[email protected]
web.nvd.nist.gov
1

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.965 High

EPSS

Percentile

99.6%

JSON

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0.

Affected configurations

NVD
Node
atlassiandata_centerRange<7.13.6
OR
atlassiandata_centerRange8.0.08.5.7
OR
atlassiandata_centerRange8.6.08.12.0
OR
atlassianjiraRange<7.13.6
OR
atlassianjira_serverRange8.0.08.5.7
OR
atlassianjira_serverRange8.6.08.12.0

Related

cvelist 1
atlassian 4
zdt 1
nuclei 1
packetstorm 1
cve 1
attackerkb 1
checkpoint_advisories 1
prion 1
nessus 1
exploitdb 1
githubexploit 2
rapid7blog 1
wallarmlab 1
cvelist
cvelist
CVE-2020-14181
2020-09-16 00:00:00
atlassian
atlassian
User Enumeration via /ViewUserHover.jspa - CVE-2020-14181
2020-09-16 03:13:06
User Enumeration via /ViewUserHover.jspa - CVE-2020-14181
2020-09-16 03:13:06
Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179
2020-09-10 04:31:31
zdt
zdt
Atlassian JIRA 8.11.1 - User Enumeration Exploit
2021-03-10 00:00:00
nuclei
nuclei
Jira Server and Data Center - Information Disclosure
2020-09-30 20:36:12
packetstorm
packetstorm
Atlassian JIRA 8.11.1 User Enumeration
2021-03-10 00:00:00
cve
cve
CVE-2020-14181
2020-09-17 01:15:11
attackerkb
attackerkb
CVE-2020-14181
2020-09-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Atlassian Jira Server Information Disclosure (CVE-2020-14181)
2020-11-05 00:00:00
prion
prion
Information disclosure
2020-09-17 01:15:00
nessus
nessus
Atlassian Jira < 7.13.16 / 8.x < 8.5.7 / 8.6.x < 8.12.0 User Enumeration (JRASERVER-71560)
2020-09-24 00:00:00
exploitdb
exploitdb
Atlassian JIRA 8.11.1 - User Enumeration
2021-03-10 00:00:00
githubexploit
githubexploit
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Atlassian Data Center
2020-10-26 17:07:28
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Atlassian Data Center
2021-02-05 07:48:19
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-09-17 19:59:18
wallarmlab
wallarmlab
Web vulnerabilities exploit weekly digest #1. March 8-15th 2021. VMware vCenter and Apache OFBiz RCE.
2021-03-16 18:22:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.965 High

EPSS

Percentile

99.6%

JSON
Related for NVD:CVE-2020-14181
cvelist1atlassian4zdt1nuclei1packetstorm1cve1attackerkb1checkpoint_advisories1prion1nessus1exploitdb1githubexploit2rapid7blog1wallarmlab1