CVE-2020-14183

Summary

Affected versions of Jira Server & Data Center allow a remote attacker with limited (non-admin) privileges to view a Jira instance's Support Entitlement Number (SEN) via an Information Disclosure vulnerability in the HTTP Response headers. The affected versions are before version 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before 8.12.1.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Serverunspecified < 7.13.18affected
AtlassianJira Server8.0.0 < unspecifiedaffected
AtlassianJira Serverunspecified < 8.5.9affected
AtlassianJira Server8.6.0 < unspecifiedaffected
AtlassianJira Serverunspecified < 8.12.1affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References