From 088a435feacb51bbe228f17a4dfe0ad579fb1507 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 29 Jun 2020 06:01:28 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/20xxx/CVE-2019-20410.json | 154 +++++++++++++++++---------------- 2019/20xxx/CVE-2019-20411.json | 138 ++++++++++++++--------------- 2019/20xxx/CVE-2019-20412.json | 138 ++++++++++++++--------------- 3 files changed, 218 insertions(+), 212 deletions(-) diff --git a/2019/20xxx/CVE-2019-20410.json b/2019/20xxx/CVE-2019-20410.json index 874ff32b84d..8a319b60ee3 100644 --- a/2019/20xxx/CVE-2019-20410.json +++ b/2019/20xxx/CVE-2019-20410.json @@ -1,78 +1,80 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2020-07-03T00:00:00", - "ID": "CVE-2019-20410", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jira Server", - "version": { - "version_data": [ - { - "version_value": "7.6.17", - "version_affected": "<" - }, - { - "version_value": "7.7.0", - "version_affected": ">=" - }, - { - "version_value": "7.13.9", - "version_affected": "<" - }, - { - "version_value": "8.0.0", - "version_affected": ">=" - }, - { - "version_value": "8.4.2", - "version_affected": "<" - } - ] - } - } - ] - }, - "vendor_name": "Atlassian" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The affected versions are before version 7.6.17, from version 7.7.0 before 7.13.9, and from version 8.0.0 before 8.4.2." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@atlassian.com", + "DATE_PUBLIC": "2020-07-03T00:00:00", + "ID": "CVE-2019-20410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jira Server", + "version": { + "version_data": [ + { + "version_value": "7.6.17", + "version_affected": "<" + }, + { + "version_value": "7.7.0", + "version_affected": ">=" + }, + { + "version_value": "7.13.9", + "version_affected": "<" + }, + { + "version_value": "8.0.0", + "version_affected": ">=" + }, + { + "version_value": "8.4.2", + "version_affected": "<" + } + ] + } + } + ] + }, + "vendor_name": "Atlassian" + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jira.atlassian.com/browse/JRASERVER-70884" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The affected versions are before version 7.6.17, from version 7.7.0 before 7.13.9, and from version 8.0.0 before 8.4.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://jira.atlassian.com/browse/JRASERVER-70884", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/JRASERVER-70884" + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20411.json b/2019/20xxx/CVE-2019-20411.json index 968ea9190a5..8e35c48f39f 100644 --- a/2019/20xxx/CVE-2019-20411.json +++ b/2019/20xxx/CVE-2019-20411.json @@ -1,70 +1,72 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2020-04-08T00:00:00", - "ID": "CVE-2019-20411", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jira Server", - "version": { - "version_data": [ - { - "version_value": "7.13.9", - "version_affected": "<" - }, - { - "version_value": "8.0.0", - "version_affected": ">=" - }, - { - "version_value": "8.4.2", - "version_affected": "<" - } - ] - } - } - ] - }, - "vendor_name": "Atlassian" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-Site Request Forgery" - } + "CVE_data_meta": { + "ASSIGNER": "security@atlassian.com", + "DATE_PUBLIC": "2020-04-08T00:00:00", + "ID": "CVE-2019-20411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jira Server", + "version": { + "version_data": [ + { + "version_value": "7.13.9", + "version_affected": "<" + }, + { + "version_value": "8.0.0", + "version_affected": ">=" + }, + { + "version_value": "8.4.2", + "version_affected": "<" + } + ] + } + } + ] + }, + "vendor_name": "Atlassian" + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jira.atlassian.com/browse/JRASERVER-70881" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://jira.atlassian.com/browse/JRASERVER-70881", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/JRASERVER-70881" + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20412.json b/2019/20xxx/CVE-2019-20412.json index 449e487b352..a42942ac4c6 100644 --- a/2019/20xxx/CVE-2019-20412.json +++ b/2019/20xxx/CVE-2019-20412.json @@ -1,70 +1,72 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@atlassian.com", - "DATE_PUBLIC": "2020-04-08T00:00:00", - "ID": "CVE-2019-20412", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jira Server", - "version": { - "version_data": [ - { - "version_value": "7.13.9", - "version_affected": "<" - }, - { - "version_value": "8.0.0", - "version_affected": ">=" - }, - { - "version_value": "8.4.2", - "version_affected": "<" - } - ] - } - } - ] - }, - "vendor_name": "Atlassian" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Status Types. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@atlassian.com", + "DATE_PUBLIC": "2020-04-08T00:00:00", + "ID": "CVE-2019-20412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jira Server", + "version": { + "version_data": [ + { + "version_value": "7.13.9", + "version_affected": "<" + }, + { + "version_value": "8.0.0", + "version_affected": ">=" + }, + { + "version_value": "8.4.2", + "version_affected": "<" + } + ] + } + } + ] + }, + "vendor_name": "Atlassian" + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://jira.atlassian.com/browse/JRASERVER-70882" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Status Types. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://jira.atlassian.com/browse/JRASERVER-70882", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/JRASERVER-70882" + } + ] + } +} \ No newline at end of file