CVE-2020-4029
01.07.2020, 02:15
The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to enumerate project names via an improper authorization vulnerability.Enginsight
| Vendor | Product | Version |
|---|---|---|
| atlassian | jira | 𝑥 < 8.5.5 |
| atlassian | jira_data_center | 8.6.0 ≤ 𝑥 < 8.7.2 |
| atlassian | jira_data_center | 8.8.0 ≤ 𝑥 < 8.8.1 |
| atlassian | jira_server | 8.6.0 ≤ 𝑥 < 8.7.2 |
| atlassian | jira_server | 8.8.0 ≤ 𝑥 < 8.8.1 |
| atlassian | jira_software_data_center | 𝑥 < 8.5.5 |
𝑥
= Vulnerable software versions