Vulnerability in Atlassian Jira
CVE-2019-20898
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.
EPSS: 0.013 (66.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Atlassian Jira
- Atlassian Jira Server — versions unspecified
- Atlassian Jira_software_data_center
References
- security@atlassian.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-20898?
- CVE-2019-20898 is a high-severity vulnerability in Atlassian Jira. CVSS score: 7.5/10. Published 2020-07-13.
- How severe is CVE-2019-20898?
- High severity. CVSS v3 base score is 7.5 out of 10.