CVE-2019-5095

MEDIUM

Atlassian Jira Tempo <4.10.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

An issue summary information disclosure vulnerability exists in Atlassian Jira Tempo plugin, version 4.10.0. Authenticated users can obtain the summary for issues they do not have permission to view via the Tempo plugin.

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0838

Scores

CVSS v3 4.3
EPSS 0.0112
EPSS Percentile 62.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-862
Status published
Products (1)
tempo/tempo 4.10.0
Published Oct 31, 2019
Tracked Since Feb 18, 2026