admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-09-21 01:01:43 +00:00
parent cfa2a4718e
commit 4d498df294
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
2 changed files with 130 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
2020/14xxx/CVE-2020-14179.json
View File

@ -1,70 +1,72 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2020-09-11T00:00:00", "DATE_PUBLIC": "2020-09-11T00:00:00",
"ID": "CVE-2020-14179", "ID": "CVE-2020-14179",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Jira Server", "product_name": "Jira Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "8.5.8", "version_value": "8.5.8",
"version_affected": "<" "version_affected": "<"
}, },
{ {
"version_value": "8.6.0", "version_value": "8.6.0",
"version_affected": ">=" "version_affected": ">="
}, },
{ {
"version_value": "8.11.1", "version_value": "8.11.1",
"version_affected": "<" "version_affected": "<"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "Atlassian" "vendor_name": "Atlassian"
} }
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"url": "https://jira.atlassian.com/browse/JRASERVER-71536" "description_data": [
} {
] "lang": "eng",
} "value": "Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-71536",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-71536"
}
]
}
} }

120
2020/14xxx/CVE-2020-14180.json
View File

@ -1,62 +1,64 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2020-07-02T00:00:00", "DATE_PUBLIC": "2020-07-02T00:00:00",
"ID": "CVE-2020-14180", "ID": "CVE-2020-14180",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Jira Service Desk Server", "product_name": "Jira Service Desk Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "4.12.0", "version_value": "4.12.0",
"version_affected": "<" "version_affected": "<"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "Atlassian" "vendor_name": "Atlassian"
} }
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. The affected versions are before version 4.12.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Broken Access Control"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"url": "https://jira.atlassian.com/browse/JSDSERVER-6917" "description_data": [
} {
] "lang": "eng",
} "value": "Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. The affected versions are before version 4.12.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Broken Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-6917",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JSDSERVER-6917"
}
]
}
} }