2020-06-16 13:01:22 +00:00
{
2020-07-01 02:01:28 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com" ,
"DATE_PUBLIC" : "2020-07-01T00:00:00" ,
"ID" : "CVE-2020-14168" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jira Server and Data Center" ,
"version" : {
"version_data" : [
{
"version_value" : "7.13.16" ,
"version_affected" : "<"
} ,
{
"version_value" : "8.5.0" ,
"version_affected" : ">="
} ,
{
"version_value" : "8.5.7" ,
"version_affected" : "<"
} ,
{
"version_value" : "8.8.0" ,
"version_affected" : ">="
} ,
{
"version_value" : "8.8.2" ,
"version_affected" : "<"
} ,
{
"version_value" : "8.9.0" ,
"version_affected" : ">="
} ,
{
"version_value" : "8.9.1" ,
"version_affected" : "<"
}
]
}
}
]
} ,
"vendor_name" : "Atlassian"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2020-06-16 13:01:22 +00:00
{
2020-07-01 02:01:28 +00:00
"lang" : "eng" ,
"value" : "The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability."
2020-06-16 13:01:22 +00:00
}
2020-07-01 02:01:28 +00:00
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Man-in-the-Middle (MitM)"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"url" : "https://jira.atlassian.com/browse/JRASERVER-71198" ,
"refsource" : "MISC" ,
"name" : "https://jira.atlassian.com/browse/JRASERVER-71198"
}
]
}
}
