virus logo FortiClient Vulnerability

Atlassian Jira Software Server CVE-2020-36238 Authorization Bypass Vulnerability

description-logoDescription

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check.

affected-products-logoAffected Applications

Jira Software Server

CVE References

CVE-2020-36238

Other References

https://jira.atlassian.com/projects/JRASERVER/issues/
ID 74239
Created Dec 20, 2022
Description
Updated		 Dec 14, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Atlassian
Patch manual
Application Jira Software Server