Loading...

XML

Word

Printable

Details

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 9.0.0, 8.20.11, 8.13.25, 8.22.6
Affects Version/s: 8.13.0, 8.20.0, 8.21.0, 8.22.0, 8.13.24
Component/s: None
Labels:

CVSS Score:
3
CVSS Severity:
Low

Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to bypass WebSudo validation in order to download audit logs, via a Broken Access Control vulnerability in the /auditing/export/download endpoint.

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(1 mentioned in)

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 22 Start watching this issue

Dates

Created:: 16/Mar/2022 5:14 AM

Updated:: 21/Feb/2023 3:40 PM

Resolved:: 06/Apr/2022 2:04 AM