PT-2020-13906 · Atlassian · Jira

Published

2020-07-01

Updated

2022-03-30

CVE-2020-14167

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Jira Server and Data Center versions prior to 7.13.4 Jira Server and Data Center versions 8.5.0 through 8.5.4 Jira Server and Data Center versions 8.8.0 through 8.8.1 Jira Server and Data Center versions 8.9.0 through 8.9.0

Description The issue allows remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability, affecting the MessageBundleResource resource.

Recommendations For versions prior to 7.13.4, update to version 7.13.4 or later. For versions 8.5.0 through 8.5.4, update to version 8.5.5 or later. For versions 8.8.0 through 8.8.1, update to version 8.8.2 or later. For versions 8.9.0 through 8.9.0, update to version 8.9.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-14167

Affected Products

Jira

PT-2020-13906 · Atlassian · Jira

CVE-2020-14167

Related Identifiers

Affected Products

References · 3