CVE-2020-29451
MEDIUMAtlassian Jira Server/Data Center <8.5.11, <8.6.0-8.13.3, <8.14.0-8...
Title source: llmDescription
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.14.1.
References (1)
Core 1
Core References
Issue Tracking, Vendor Advisory x_refsource_misc
https://jira.atlassian.com/browse/JRASERVER-72000
Scores
CVSS v3
4.3
EPSS
0.0016
EPSS Percentile
35.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
Status
published
Products (3)
atlassian/data_center
< 8.5.11
atlassian/jira
< 8.5.11
atlassian/jira_server
8.6.0 - 8.13.3
Published
Feb 15, 2021
Tracked Since
Feb 18, 2026