Unrated severityNVD Advisory· Published Sep 11, 2019· Updated Sep 16, 2024
CVE-2019-14997
CVE-2019-14997
Description
The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- jira.atlassian.com/browse/JRASERVER-69794mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.