Authentication Bypass in Jira Software by Atlassian
CVE-2019-20407
4.3MEDIUM
What is CVE-2019-20407?
Jira Software and Jira Software Data Center have an authentication bypass vulnerability in the ConfigureBambooRelease resource. This flaw allows authenticated remote attackers to access release version information in projects for which they lack authorized access due to a missing authorization check. It poses a significant risk as unauthorized users can potentially view sensitive project release data, highlighting the importance of implementing strong access controls.
Affected Version(s)
Jira Software < 8.6.1