[%22Issue] Improper authorization on support files vulnerability in Jira - CVE-2019-20402 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 8.6.0, 8.5.4
Affects Version/s: 8.2.3
Component/s: System Administration - Others
Labels:

Fixed in Long Term Support Release/s:

Download 8.5
Introduced in Version:
8.02
Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability.

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 0 Start watching this issue

Created:: 29/Jan/2020 11:18 PM

Updated:: 22/May/2020 8:25 AM

Resolved:: 30/Jan/2020 4:52 PM

Details

Description

Attachments

Forms

Activity

[JRASERVER-70564] Improper authorization on support files vulnerability in Jira - CVE-2019-20402

People

Dates