CVE-2020-14192
published 2021-02-02CVE-2020-14192: Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN via an Information Disclosure vulnerability in the x-asen…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics. The affected versions are before version 4.8.4.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | crucible | < 4.8.4 | 4.8.4 |
| atlassian | crucible | >= unspecified < 4.8.4 | 4.8.4 |
| atlassian | fisheye | < 4.8.4 | 4.8.4 |
| atlassian | fisheye | >= unspecified < 4.8.4 | 4.8.4 |