CVE-2025-22172

🗓️ 22 Oct 2025 16:30:03Reported by atlassianType

Jira Align has an authorization flaw allowing low-privilege users to access endpoints and read reports.

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2025-22172	22 Oct 202517:13	–	circl
CNNVD	Atlassian Jira Align 安全漏洞	22 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-22172	22 Oct 202516:30	–	cvelist
EUVD	EUVD-2025-35603	22 Oct 202518:30	–	euvd
NVD	CVE-2025-22172	22 Oct 202517:15	–	nvd
RedhatCVE	CVE-2025-22172	23 Oct 202518:14	–	redhatcve
Vulnrichment	CVE-2025-22172	22 Oct 202516:30	–	vulnrichment

NVD

Node

atlassian jira_alignRange11.14.0–11.16.1

[
  {
    "vendor": "Atlassian",
    "product": "Jira Align",
    "versions": [
      {
        "version": "< 11.14.0",
        "status": "unaffected"
      },
      {
        "version": ">= 11.14.0",
        "status": "affected"
      },
      {
        "version": ">= 11.14.1",
        "status": "affected"
      },
      {
        "version": ">= 11.15.0",
        "status": "affected"
      },
      {
        "version": ">= 11.15.1",
        "status": "affected"
      },
      {
        "version": ">= 11.16.0",
        "status": "affected"
      },
      {
        "version": ">= 11.16.1",
        "status": "unaffected"
      }
    ]
  }
]

Source	Link
jira	www.jira.atlassian.com/browse/JIRAALIGN-8641

24 Oct 2025 14:24Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.14.3

CVSS 45.3

EPSS0.00037

SSVC

CWE-285