CVE-2019-3399

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/04/2019
Last modified:
25/03/2022

Description

The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* 7.13.2 (excluding)
cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* 8.0.0 (including) 8.0.2 (excluding)


References to Advisories, Solutions, and Tools