Home

CVE-2020-14168

Description

The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability.

Risk Information

Base Score
5.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.328

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Atlassian Jira 8.8.1Windows
Vulnerabilities CVE-2019-20403,CVE-2020-14167,CVE-2020-14168,CVE-2020-4021 are affected in Atlassian Jira Core Data Center 8.5.4Windows
Vulnerabilities CVE-2020-14167,CVE-2020-14168 are affected in Atlassian Jira Core Data Center 8.8.1Windows
Multiple Vulnerabilities are affected in Atlassian Jira Core Data Center 8.9.0Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234