{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T15:52:14.467","vulnerabilities":[{"cve":{"id":"CVE-2019-15011","sourceIdentifier":"security@atlassian.com","published":"2019-12-17T04:15:11.257","lastModified":"2024-11-21T04:27:52.183","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check."},{"lang":"es","value":"El recurso ListEntityLinksServlet en Application Links en versiones anteriores a la 5.0.12, de la versión 5.1.0 en versiones anteriores a la 5.2.11, de la versión 5.3.0 en versiones anteriores a la 5.3.7, de la versión 5.4.0 en versiones anteriores a la 5.4.13 y de la versión 6.0.0 en versiones anteriores a la 6.0.5 divulgó la información del enlace de la aplicación a usuarios no administradores a mediante una verificación de permisos faltantes."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:application_links:*:*:*:*:*:*:*:*","versionEndExcluding":"5.0.12","matchCriteriaId":"525BCC1A-F1BD-4DA4-9D71-F796699C5C70"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:application_links:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1.0","versionEndExcluding":"5.2.11","matchCriteriaId":"FDC745BF-811E-4176-99BD-DC215A540D8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:application_links:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.0","versionEndExcluding":"5.3.7","matchCriteriaId":"DB16B01F-FE38-4F7F-A438-522E734E1798"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:application_links:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.0","versionEndExcluding":"5.4.13","matchCriteriaId":"BB7BA4C7-CDF5-4EC3-BA7A-4DDDB220DD72"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:application_links:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.5","matchCriteriaId":"CFFFAEBE-9D34-4B1F-94AC-FBD319DE245A"}]}]}],"references":[{"url":"https://ecosystem.atlassian.net/browse/APL-1386","source":"security@atlassian.com","tags":["Vendor Advisory"]},{"url":"https://ecosystem.atlassian.net/browse/APL-1386","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}