cbcvebase.
CVE-2020-36231
published 2021-02-02

CVE-2020-36231: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure…

medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2.

Affected

12 ranges
VendorProductVersion rangeFixed in
atlassianjira< 8.5.108.5.10
atlassianjira_data_center
atlassianjira_data_center>= 8.6.0 < unspecifiedunspecified
atlassianjira_data_center>= 8.6.0 < 8.13.28.13.2
atlassianjira_data_center>= unspecified < 8.5.108.5.10
atlassianjira_data_center>= unspecified < 8.13.28.13.2
atlassianjira_server
atlassianjira_server>= 8.6.0 < unspecifiedunspecified
atlassianjira_server>= 8.6.0 < 8.13.28.13.2
atlassianjira_server>= unspecified < 8.5.108.5.10
atlassianjira_server>= unspecified < 8.13.28.13.2
atlassianjira_software_data_center< 8.5.108.5.10