Auto-merge PR#4771

2025-08-04 08:44:25 +00:00 · 2020-09-16 20:35:19 -04:00 · 2020-09-16 20:35:19 -04:00 · 06433d2cce
commit 06433d2cce
parent b7cc9964ce f6c745075d
1 changed files with 74 additions and 14 deletions
--- a/2020/14xxx/CVE-2020-14181.json
+++ b/2020/14xxx/CVE-2020-14181.json
@ -1,18 +1,78 @@
 {
-    "data_type": "CVE",
+   "CVE_data_meta": {
-    "data_format": "MITRE",
+      "ASSIGNER": "security@atlassian.com", 
-    "data_version": "4.0",
+      "DATE_PUBLIC": "2020-09-16T00:00:00",
-    "CVE_data_meta": {
+      "ID": "CVE-2020-14181", 
-        "ID": "CVE-2020-14181",
+      "STATE": "PUBLIC"
-        "ASSIGNER": "cve@mitre.org",
+   }, 
-        "STATE": "RESERVED"
+   "affects": {
-    },
+      "vendor": {
-    "description": {
+         "vendor_data": [
        "description_data": [
            {
-                "lang": "eng",
+               "product": {
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                  "product_data": [
                     {
                        "product_name": "Jira Server",
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "7.13.6",
                                 "version_affected": "<"
                              },
                              {
                                 "version_value": "8.0.0",
                                 "version_affected": ">="
                              }, 
                              {
                                 "version_value": "8.5.7",
                                 "version_affected": "<"
                              },
                              {
                                 "version_value": "8.6.0",
                                 "version_affected": ">="
                              },
                              {
                                 "version_value": "8.12.0",
                                 "version_affected": "<"
                              }
                           ]
                        }
                     }
                  ]
               }, 
               "vendor_name": "Atlassian"
            }
-        ]
+         ]
-    }
+      }
   }, 
   "data_format": "MITRE", 
   "data_type": "CVE", 
   "data_version": "4.0", 
   "description": {
      "description_data": [
         {
            "lang": "eng", 
            "value": "Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0."
         }
      ]
   }, 
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng", 
                  "value": "Broken Access Control"
               }
            ]
         }
      ]
   }, 
   "references": {
      "reference_data": [
         {
            "url": "https://jira.atlassian.com/browse/JRASERVER-71560"
         }
      ]
   }
 }