CVE-2020-29451 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2020-29451

CWE

https://cwe.mitre.org/data/definitions/.html

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.14.1.

Affected Software

Name	Vendor	Start Version	End Version
Data_center	Atlassian	*	8.5.11 (excluding)
Data_center	Atlassian	8.6.0 (including)	8.13.3 (excluding)
Data_center	Atlassian	8.14.0 (including)	8.14.1 (excluding)
Jira	Atlassian	*	8.5.11 (excluding)
Jira_server	Atlassian	8.6.0 (including)	8.13.3 (excluding)
Jira_server	Atlassian	8.14.0 (including)	8.14.1 (excluding)

References

https://jira.atlassian.com/browse/JRASERVER-72000
https://jira.atlassian.com/browse/JRASERVER-72000