CVE-2020-4029

Summary

The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to enumerate project names via an improper authorization vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Server and Data Centerunspecified < 8.5.5affected
AtlassianJira Server and Data Center8.6.0 < unspecifiedaffected
AtlassianJira Server and Data Centerunspecified < 8.7.2affected
AtlassianJira Server and Data Center8.8.0 < unspecifiedaffected
AtlassianJira Server and Data Centerunspecified < 8.8.1affected

Weaknesses

  • Improper authorization

ADP Enrichment

CVE Program Container

Additional References

References