CVE-2020-14167
HIGHAtlassian Jira < 7.13.14, 8.5.0-8.5.5, 8.8.0-8.8.2, 8.9.0-8.9.1 - Denial of Service via MessageBundleResource
Title source: llmDescription
The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://jira.atlassian.com/browse/JRASERVER-71197
Scores
CVSS v3
7.5
EPSS
0.0060
EPSS Percentile
69.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (4)
atlassian/jira
< 7.13.14
atlassian/jira_data_center
8.5.0 - 8.5.5
atlassian/jira_server
8.5.0 - 8.5.5
atlassian/jira_software_data_center
< 7.13.14
Published
Jul 01, 2020
Tracked Since
Feb 18, 2026