CVE-2019-20898

Published: Jul 13, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.

Affected (2)

Products: Atlassian: Jira, Jira Software Data Center

Atlassian

2 products

Jira

Jira Software Data Center

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Atlassian Jira	Before 8.8.0
Atlassian Jira Software Data Center	Before 8.8.0

References (2)

https://jira.atlassian.com/browse/JRASERVER-70942

Source: security@atlassian.com

Vendor Advisory

https://jira.atlassian.com/browse/JRASERVER-70942

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.