{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T00:14:34.267","vulnerabilities":[{"cve":{"id":"CVE-2020-36289","sourceIdentifier":"security@atlassian.com","published":"2021-05-12T04:15:07.267","lastModified":"2024-11-21T05:29:13.343","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1."},{"lang":"es","value":"Las versiones afectadas de Atlassian Jira Server y Data Center permiten a un usuario no autenticado enumerar usuarios a través de una vulnerabilidad de divulgación de información en el endpoint QueryComponentRendererValue!Default.jspa. Las versiones afectadas son anteriores a la versión 8.5.13, desde la versión 8.6.0 antes de la 8.13.5, y desde la versión 8.14.0 antes de la 8.15.1"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:*","versionEndExcluding":"8.5.13","matchCriteriaId":"A455FC63-AF29-4D31-8E11-AA5671D12E06"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*","versionEndExcluding":"8.5.13","matchCriteriaId":"FA8144D6-FDAF-4B92-BE54-832893AC0A1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.0","versionEndExcluding":"8.13.5","matchCriteriaId":"26055208-F18D-4FF9-A442-7DD62D80F7E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*","versionStartIncluding":"8.14.0","versionEndExcluding":"8.15.1","matchCriteriaId":"9F4C4682-A56A-4BEA-AFD7-6F116FCE8EF9"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.0","versionEndExcluding":"8.13.5","matchCriteriaId":"9DF55918-44C7-4DC9-BD66-9FD9BA64A955"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"8.14.0","versionEndExcluding":"8.15.1","matchCriteriaId":"3C31DC16-F8E3-4261-B539-C251E4BBC584"}]}]}],"references":[{"url":"https://jira.atlassian.com/browse/JRASERVER-71559","source":"security@atlassian.com","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/JRASERVER-71559","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]}]}}]}