Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. The affected versions are before 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before version 8.12.2.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian JIRA Server 信息泄露漏洞
Vulnerability Description
Atlassian JIRA Server是澳大利亚Atlassian公司的一套缺陷跟踪管理系统的服务器版本。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Jira Server 存在信息泄露漏洞,该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。攻击者可利用该漏洞通过ActionsAndOperations资源中的缺失权限检查来枚举问题密钥。以下产品及版本受到影响:7.13.18之前版本,8.5.9之前版本8.0.0和8.12.2之前版本,8.6.
CVSS Information
N/A
Vulnerability Type
N/A