← back
CVE-2019-3399

CVE-2019-3399

EPSS 2.1%CWE-863
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
30 Apr 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check.
Affected products
Atlassian · Jira

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jira.atlassian.com/browse/JRASERVER-69246