EUVD-2021-28338

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Jira Server and Data Center before 8.19.1 have a Broken Authentication vulnerability in audit logs export.

Reporter	Title	Published	Views	Family All 10
Atlassian	Access-revoked user can view audit logs of Jira Projects - CVE-2021-41309	15 Sep 202101:19	–	atlassian
Atlassian	Access-revoked user can view audit logs of Jira Projects - CVE-2021-41309	15 Sep 202101:19	–	atlassian
CNNVD	Atlassian Jira授权问题漏洞	8 Dec 202100:00	–	cnnvd
CVE	CVE-2021-41309	8 Dec 202103:35	–	cve
Cvelist	CVE-2021-41309	8 Dec 202103:35	–	cvelist
NCSC	Vulnerabilities fixed in Atlassian Jira Server	10 Dec 202100:00	–	ncsc
NVD	CVE-2021-41309	8 Dec 202104:15	–	nvd
Prion	Authentication flaw	8 Dec 202104:15	–	prion
Positive Technologies	PT-2021-23263 · Atlassian · Jira	8 Dec 202100:00	–	ptsecurity
Vulnrichment	CVE-2021-41309	8 Dec 202103:35	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "b6635046-8213-32da-926f-7a298d9f504c",
        "vendor": {
          "name": "Atlassian"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0d80cc68-2068-349d-89fc-ca69893980cc",
        "product": {
          "name": "Jira Server"
        },
        "product_version": "unspecified <8.19.1"
      },
      {
        "id": "baa25809-f6d3-3eb1-98af-d0597169aab0",
        "product": {
          "name": "Jira Data Center"
        },
        "product_version": "unspecified <8.19.1"
      }
    ]
  }
]

Source	Link
jira	www.jira.atlassian.com/browse/JRASERVER-72803

03 Oct 2025 20:07Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.15.3

CVSS 25

EPSS0.00184

SSVC