CVE-2020-14168

Description

The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability.

Affected products

• Atlassian / Jira Server and Data Centerunspecified – 7.13.16
• Atlassian / Jira Server and Data Center8.5.0 – unspecified
• Atlassian / Jira Server and Data Centerunspecified – 8.5.7
• Atlassian / Jira Server and Data Center8.8.0 – unspecified
• Atlassian / Jira Server and Data Centerunspecified – 8.8.2
• Atlassian / Jira Server and Data Center8.9.0 – unspecified
• Atlassian / Jira Server and Data Centerunspecified – 8.9.1

References

• MISChttps://jira.atlassian.com/browse/JRASERVER-71198