CVE-2019-3399

CVE-2019-3399

Vendor Atlassian

Product Jira

Weakness CWE-863 · Incorrect authorization

Published April 30, 2019

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check.

Key dates

02Disclosure timeline

April 30, 2019 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-3399

Related vulnerabilities

Identifiers

CVE CVE-2019-3399

CWE CWE-863

Affected versions

Vendor Atlassian

Product Jira

Affected ≥ unspecified and < 7.13.2

Vendor Atlassian

Product Jira

Affected ≥ 8.0.0 and < unspecified

Vendor Atlassian

Product Jira

Affected ≥ unspecified and < 8.0.2

01Description

02Disclosure timeline

03References

04Related CVE