Loading...

Log In
Published

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.13.25, 8.20.11, 8.22.6, 9.0.0
Affects Version/s: 8.13.0, 8.13.24, 8.20.0, 8.21.0, 8.22.0
Component/s: None
Labels:

CVSS Score:
3
CVSS Severity:
Low

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to bypass WebSudo validation in order to download audit logs, via a Broken Access Control vulnerability in the /auditing/export/download endpoint.

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(1 mentioned in)

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 21 Start watching this issue

Created:: 16/Mar/2022 5:14 AM
Updated:: 21/Feb/2023 3:40 PM
Resolved:: 06/Apr/2022 2:04 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates