CVE-2019-20415: CSRF
First published: Tue Jun 30 2020(Updated: )
Atlassian Jira Server and Data Center in affected versions allows remote attackers to modify logging and profiling settings via a cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.3, and from version 8.0.0 before 8.1.0.
Credit: security@atlassian.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Atlassian JIRA | <7.13.3 | |
| Atlassian Jira Data Center | >=8.0.0<8.1.0 | |
| Atlassian Jira Server | >=8.0.0<8.1.0 | |
| Atlassian Jira Software Data Center | <7.13.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2019-20415.
What is the severity level of CVE-2019-20415?
The severity level of CVE-2019-20415 is medium with a value of 4.3 out of 10.
How does CVE-2019-20415 affect Atlassian Jira Server and Data Center?
CVE-2019-20415 allows remote attackers to modify logging and profiling settings via a cross-site request forgery (CSRF) vulnerability in Atlassian Jira Server and Data Center versions before 7.13.3 and from 8.0.0 before 8.1.0.
How can I fix the CVE-2019-20415 vulnerability?
To fix the CVE-2019-20415 vulnerability, update Atlassian Jira Server and Data Center to version 7.13.3 or later, or version 8.1.0 or later.
Where can I find more information about CVE-2019-20415?
You can find more information about CVE-2019-20415 at the following link: [CVE-2019-20415](https://jira.atlassian.com/browse/JRASERVER-70849).
- collector/nvd-index
- vendor/atlassian
- canonical/atlassian jira
- canonical/atlassian jira data center
- version/atlassian jira data center/8.0.0
- canonical/atlassian jira server
- version/atlassian jira server/8.0.0
- canonical/atlassian jira software data center