CVE-2019-20402

Summary

Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Serverunspecified < 8.6.0affected

Weaknesses

  • Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References