CVE-2020-4028 vulnerability in Atlassian Products
Published on June 23, 2020
Versions before 8.9.1, Various resources in Jira responded with a 404 instead of redirecting unauthenticated users to the login page, in some situations this may have allowed unauthorised attackers to determine if certain resources exist or not through an Information Disclosure vulnerability.
Products Associated with CVE-2020-4028
stack.watch emails you whenever new vulnerabilities are published in Atlassian Jira or Atlassian Jira Software Data Center. Just hit a watch button to start following.
Affected Versions
Atlassian Jira Server and Data Center:- Version unspecified and below 8.9.1 is affected.
Exploit Probability
EPSS
0.46%
Percentile
63.48%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.