Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Atlassian Jira Other Vulnerability - CVE-2019-14997 - Vulnerability Database
Atlassian Jira

Atlassian Jira Other Vulnerability - CVE-2019-14997

Medium
Reference: CVE-2019-14997
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-14997
Title: Atlassian Jira Other Vulnerability
Overview:

The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users including their username via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN.