Details
-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Low
-
Resolution: Fixed
-
Affects Version/s: 6.4.1
-
Component/s: None
-
Fixed in Long Term Support Release/s:
-
Introduced in Version:6.04
-
CVSS Score:4.3
-
Support reference count:1
-
Bug Fix Policy:
Description
Affected versions of Jira Server & Data Center allow a remote attacker with limited (non-admin) privileges to view a Jira instance's Support Entitlement Number (SEN) via an Information Disclosure vulnerability in the HTTP Response headers.
Affected versions:
- version < 7.13.18
- 8.0.0 ≤ version < 8.5.9
- 8.6.0 ≤ version < 8.12.1
Fixed versions:
- 7.13.18
- 8.5.9
- 8.12.1
- 8.13.0
- 8.14.0