Lucene search
Security-metrics-botJRASERVER-69240HistoryApr 29, 2019 - 3:47 a.m.
Authorisation bypass in the ViewUpgrades resource - CVE-2019-8443
2019-04-2903:47:05
security-metrics-bot
jira.atlassian.com
6
0.011 Low
EPSS
Percentile
84.3%
The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator’s session to access the ViewUpgrades administrative resource without needing to re-authenticate to pass “WebSudo” through an improper access control vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jira data center | le | 7.13.1 | |
| jira data center | lt | 8.1.1 | |
| jira data center | lt | 7.13.4 |
Related
atlassian
atlassian
Authorisation bypass in the ViewUpgrades resource - CVE-2019-8443
2019-04-29 03:47:05
prion
prion
Improper access control
2019-05-22 18:29:00
cvelist
cvelist
CVE-2019-8443
2019-05-08 00:00:00
cve
cve
CVE-2019-8443
2019-05-22 18:29:00
nessus
nessus
Atlassian Jira 7.13.x < 7.13.4, 8.0.x < 8.0.4, 8.1.x < 8.1.1 Multiple Vulnerabilities
2019-05-31 00:00:00
Atlassian Jira 8.0.0 < 8.0.4 Multiple Vulnerabilities
2023-03-14 00:00:00
Atlassian Jira 7.13.0 < 7.13.4 Multiple Vulnerabilities
2023-03-14 00:00:00