{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T11:22:20.607","vulnerabilities":[{"cve":{"id":"CVE-2019-20400","sourceIdentifier":"security@atlassian.com","published":"2020-02-06T03:15:10.280","lastModified":"2024-11-21T04:38:23.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global path environmental variable can inject code into via a DLL hijacking vulnerability."},{"lang":"es","value":"El uso de Tomcat en Jira antes de la versión 8.5.2, permite a atacantes locales con permiso para escribir un archivo dll en un directorio en la variable de entorno global path puede inyectar código por medio de una vulnerabilidad de secuestro de DLL."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.2","versionEndExcluding":"8.5.2","matchCriteriaId":"D85353A5-9E6F-4D4A-8B4A-698645D12E75"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.3","versionEndExcluding":"8.6.0","matchCriteriaId":"C49F8053-7202-4EE9-9F30-65B80AF58B8A"}]}]}],"references":[{"url":"https://jira.atlassian.com/browse/JRASERVER-70407","source":"security@atlassian.com","tags":["Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/JRASERVER-70407","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}