Published: 11/09/2019 Updated: 16/09/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous malicious users to determine if an attachment with a specific name exists and if an issue key is valid via a missing permissions check.

Vulnerability Trend