{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T05:15:43.041","vulnerabilities":[{"cve":{"id":"CVE-2019-20402","sourceIdentifier":"security@atlassian.com","published":"2020-02-06T03:15:10.450","lastModified":"2024-11-21T04:38:24.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability."},{"lang":"es","value":"Los archivos zip de soporte en Atlassian Jira Server y Data Center antes de que la versión 8.6.0, pudieran ser descargados por un usuario del Administrador de Sistema sin requerir que el usuario reingrese su contraseña por medio de una vulnerabilidad de autorización inapropiada."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*","versionEndExcluding":"8.6.0","matchCriteriaId":"D3F0ABD5-1124-4508-8F66-18F27B041CB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_software_data_center:*:*:*:*:*:*:*:*","versionEndExcluding":"8.6.0","matchCriteriaId":"A15DCC83-66F0-4495-AF87-3EBA4A295E2D"}]}]}],"references":[{"url":"https://jira.atlassian.com/browse/JRASERVER-70564","source":"security@atlassian.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/JRASERVER-70564","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}