Summary
Security updates fix a vulnerability in Atlassian Jira Core Data Center. This vulnerability, if exploited, could allow an unauthorised attacker to access confidential information on target systems.
Risk
Estimated impact of the vulnerability on the target community: HIGH/ORANGE (65.33/100)1.
Type
- Information Disclosure
Affected products and versions
Jira Data Center and Server, versions
- 9.12.0 to 9.12.7 (LTS)
- 9.4.0 to 9.4.20 (LTS)
Jira Service Management Data Center and Server, versions
- 5.12.0 to 5.12.7 (LTS)
- 5.4.0 to 5.4.20 (LTS)
Mitigation actions
In line with vendor statements, it is recommended that mitigation actions be undertaken following the instructions provided in the security bulletin in the References section.
Unique Vulnerability Identifiers
References
https://confluence.atlassian.com/security/security-bulletin-june-18-2024-1409286211.htm
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, prevalence of affected software/devices in the target community.
