Vulnerability in Atlassian Jira
CVE-2019-14997
The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a r…
EPSS: 0.002 (42.6th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Jira — versions unspecified
Weakness classification (CWE)
References
- jira.atlassian.com/browse/JRASERVER-69794 (x_refsource_CONFIRM)