CVE-2025-22177

🗓️ 22 Oct 2025 16:30:00Reported by atlassianType

CVE-2025-22177: Jira Align authorization flaw allows low privilege users to access endpoints exposing limited sensitive data.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-22177	22 Oct 202517:13	–	circl
CNNVD	Atlassian Jira Align 安全漏洞	22 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-22177	22 Oct 202516:30	–	cvelist
EUVD	EUVD-2025-35607	22 Oct 202516:30	–	euvd
NVD	CVE-2025-22177	22 Oct 202517:15	–	nvd
OSV	CVE-2025-22177	22 Oct 202517:15	–	osv
RedhatCVE	CVE-2025-22177	23 Oct 202518:14	–	redhatcve
Vulnrichment	CVE-2025-22177	22 Oct 202516:30	–	vulnrichment

NVD

Node

atlassian jira_alignRange11.14.0–11.16.1

[
  {
    "vendor": "Atlassian",
    "product": "Jira Align",
    "versions": [
      {
        "version": "< 11.14.0",
        "status": "unaffected"
      },
      {
        "version": ">= 11.14.0",
        "status": "affected"
      },
      {
        "version": ">= 11.14.1",
        "status": "affected"
      },
      {
        "version": ">= 11.15.0",
        "status": "affected"
      },
      {
        "version": ">= 11.15.1",
        "status": "affected"
      },
      {
        "version": ">= 11.16.0",
        "status": "affected"
      },
      {
        "version": ">= 11.16.1",
        "status": "unaffected"
      }
    ]
  }
]

Source	Link
jira	www.jira.atlassian.com/browse/JIRAALIGN-8646

24 Oct 2025 14:20Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.14.3

CVSS 45.3

EPSS0.00037

SSVC

CWE-285