-
Type:
Public Security Vulnerability
-
Resolution: Fixed
-
Priority:
Low
-
Affects Version/s: 8.5.0, 8.13.0, 8.14.0
-
Component/s: None
-
7.5
-
High
-
CVE-2021-26070
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource.
The affected versions are before version 8.13.3, and from version 8.14.0 before 8.14.1.
Affected versions:
- version < 8.13.3
- 8.14.0 ≤ version < 8.14.1
Fixed versions:
- 8.13.3
- 8.14.1
- 8.15.0