Affected versions of Jira Server & Data Center allow a remote attacker with limited (non-admin) privileges to view a Jira instance's Support Entitlement Number (SEN) via an Information Disclosure vulnerability in the HTTP Response headers. The affected versions are before version 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before 8.12.1.
References
Link | Resource |
---|---|
https://jira.atlassian.com/browse/JRASERVER-71646 | Permissions Required Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: atlassian
Published: 2020-10-05T00:00:00
Updated: 2020-10-06T22:20:13
Reserved: 2020-06-16T00:00:00
Link: CVE-2020-14183
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-10-06T23:15:12.040
Modified: 2020-10-19T13:51:11.470
Link: CVE-2020-14183
JSON object: View
Redhat Information
No data.
CWE