CVE-2019-20898
First published: Wed Apr 22 2020(Updated: )
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.
Credit: security@atlassian.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Atlassian JIRA | <8.8.0 | |
| Atlassian Jira Software Data Center | <8.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-20898?
CVE-2019-20898 is a vulnerability in Atlassian Jira Server and Data Center that allows remote attackers to access sensitive information without authentication.
How severe is CVE-2019-20898?
CVE-2019-20898 is classified as high severity with a severity rating of 7.5.
Which versions of Atlassian Jira Server and Data Center are affected by CVE-2019-20898?
Versions of Atlassian Jira Server and Data Center before 8.8.0 are affected by CVE-2019-20898.
How can remote attackers exploit CVE-2019-20898?
Remote attackers can exploit CVE-2019-20898 to access sensitive information without being authenticated in the Global permissions screen.
Is there a fix available for CVE-2019-20898?
Yes, the fix for CVE-2019-20898 is available in version 8.8.0 of Atlassian Jira Server and Data Center.
- collector/nvd-index
- agent/author
- agent/references
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/atlassian
- canonical/atlassian jira
- canonical/atlassian jira software data center