The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability.
References
Link | Resource |
---|---|
https://jira.atlassian.com/browse/JRASERVER-71198 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Mar 2022, 13:17
Type | Values Removed | Values Added |
---|---|---|
First Time |
Atlassian jira Data Center
|
|
CPE | cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* |
25 Mar 2022, 17:18
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* | |
First Time |
Atlassian jira Server
|
Information
Published : 2020-07-01 02:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-14168
Mitre link : CVE-2020-14168
CVE.ORG link : CVE-2020-14168
JSON object : View
Products Affected
atlassian
- jira_data_center
- jira
- jira_software_data_center
- jira_server
CWE