What is CVE-2019-20410?

CVE-2019-20410 is a medium-severity vulnerability in Atlassian Jira. CVSS score: 6.5/10. Published 2020-06-29.

How severe is CVE-2019-20410?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Atlassian Jira

CVE-2019-20410

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The affected versions are before version 7.6.17…

EPSS: 0.019 (76.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Atlassian Jira
Atlassian Jira_data_center
Atlassian Jira Server — versions unspecified, 7.7.0, unspecified
Atlassian Jira_server
Atlassian Jira_software_data_center

References

security@atlassian.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2019-20410?: CVE-2019-20410 is a medium-severity vulnerability in Atlassian Jira. CVSS score: 6.5/10. Published 2020-06-29.
How severe is CVE-2019-20410?: Medium severity. CVSS v3 base score is 6.5 out of 10.