Lucene search
China National Vulnerability DatabaseCNVD-2022-05447HistoryNov 04, 2021 - 12:00 a.m.
Atlassian Jira Access Control Error Vulnerability (CNVD-2022-05447)
2021-11-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
35.5%
Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable due to an access control error in the product’s /secure/admin/ConfigureBatching!default.jspa file, which fails to properly handle user permissions. An attacker could use an unauthorized user to edit the email batch configuration through this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| atlassian jira server | lt | 8.21.0 | |
| atlassian data center | lt | 8.21.0 |
Related
cvelist
cvelist
CVE-2021-41313
2021-10-26 00:00:00
cve
cve
CVE-2021-41313
2021-11-01 03:15:06
nessus
nessus
Atlassian Jira 8.5.x < 8.20.1 / 8.21.0 (JRASERVER-72898)
2022-07-06 00:00:00
atlassian
atlassian
prion
prion
Authorization
2021-11-01 03:15:00
nvd
nvd
CVE-2021-41313
2021-11-01 03:15:06