Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.13.19, 8.19.1
Affects Version/s: 8.5.18, 8.13.10, 8.19.0
Component/s: None
Labels:

CVSS Score:
7.5
CVSS Severity:
High
CVE ID:
CVE-2021-41312

Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint.

The affected versions are before version 8.19.1.

Affected versions:

version < 8.19.1

Fixed versions:

> 8.19.1
Backported to LTS 8.13.19

is related to: JSEC-990 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(3 mentioned in)

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 11 Start watching this issue

Created:: 15/Sep/2021 1:19 AM
Updated:: 21/Feb/2023 3:41 PM
Resolved:: 03/Nov/2021 4:01 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates