Loading...

XML

Word

Printable

Details

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.19.1, 8.13.19
Affects Version/s: 8.5.18, 8.13.10, 8.19.0
Component/s: None
Labels:

CVSS Score:
7.5
CVSS Severity:
High
CVE ID:
CVE-2021-41312

Description

Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint.

The affected versions are before version 8.19.1.

Affected versions:

version < 8.19.1

Fixed versions:

> 8.19.1
Backported to LTS 8.13.19

Attachments

Issue Links

is related to: JSEC-990 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(3 mentioned in)

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 15/Sep/2021 1:19 AM

Updated:: 21/Feb/2023 3:41 PM

Resolved:: 03/Nov/2021 4:01 AM