mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
88 lines
3.4 KiB
JSON
88 lines
3.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "security@atlassian.com",
|
|
"DATE_PUBLIC": "2020-07-01T00:00:00",
|
|
"ID": "CVE-2020-14168",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Jira Server and Data Center",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "7.13.16",
|
|
"version_affected": "<"
|
|
},
|
|
{
|
|
"version_value": "8.5.0",
|
|
"version_affected": ">="
|
|
},
|
|
{
|
|
"version_value": "8.5.7",
|
|
"version_affected": "<"
|
|
},
|
|
{
|
|
"version_value": "8.8.0",
|
|
"version_affected": ">="
|
|
},
|
|
{
|
|
"version_value": "8.8.2",
|
|
"version_affected": "<"
|
|
},
|
|
{
|
|
"version_value": "8.9.0",
|
|
"version_affected": ">="
|
|
},
|
|
{
|
|
"version_value": "8.9.1",
|
|
"version_affected": "<"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Atlassian"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Man-in-the-Middle (MitM)"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://jira.atlassian.com/browse/JRASERVER-71198",
|
|
"refsource": "MISC",
|
|
"name": "https://jira.atlassian.com/browse/JRASERVER-71198"
|
|
}
|
|
]
|
|
}
|
|
} |