Details
-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Low
-
Resolution: Fixed
-
Affects Version/s: 4.8.3
-
Fix Version/s: 4.8.4
-
Component/s: Runtime platform
-
Symptom Severity:Minor
-
Bug Fix Policy:
Description
Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics.
The affected versions are before version 4.8.4.
Affected versions:
- version < 4.8.4
Fixed versions:
- 4.8.4
Attachments
Issue Links
- is cloned from
-
FE-7334 Information disclosure of product SEN via the x-asen response header - CVE-2020-14192
-
- Closed
-