Описание
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The affected versions are before version 4.21.0.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.21.0 (исключая)Версия до 4.21.0 (исключая)
Одно из
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*
EPSS
Процентиль: 54%
0.00317
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
около 4 лет назад
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The affected versions are before version 4.21.0.
EPSS
Процентиль: 54%
0.00317
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200