CVE-2019-20898

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.

Published: Jul 13, 2020
Updated: Apr 13, 2023
CVE: CVE-2019-20898
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
atlassian / jira_software_data_center	-	8.8.0
atlassian / jira	-	8.8.0

https://jira.atlassian.com/browse/JRASERVER-70942

Vulnerability Database

290,020

CVE-2019-20898