Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.5.13, 8.13.5, 8.15.1, 8.16.0
Affects Version/s: 8.8.1, 8.5.11, 8.5.12
Component/s: None
Labels:

CVSS Score:
3.6
CVSS Severity:
Low
CVE ID:
CVE-2021-39122

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint.

The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.

*Affected versions:*

version < 8.5.13
8.6.0 ≤ version < 8.13.5
8.14.0 ≤ version < 8.15.1

*Fixed versions:*

8.5.13
8.13.5
8.15.1
8.16.0

relates to

JRASERVER-72272 Information Disclosure using JQL function membersOf - CVE-2020-36286

Closed

VULN-204886 Loading...

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 07/Apr/2021 6:10 AM

Updated:: 16/Sep/2021 5:28 AM

Resolved:: 08/Sep/2021 2:07 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates