EUVD-2021-30808

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Atlassian Jira Server and Data Center vulnerable to Broken Access Control, affecting specific versions.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2021-43946	5 Jan 202207:38	–	circl
CNNVD	Atlassian Jira 安全漏洞	5 Jan 202200:00	–	cnnvd
CNVD	Atlassian Jira Access Control Error Vulnerability (CNVD-2022-05438)	6 Jan 202200:00	–	cnvd
CVE	CVE-2021-43946	5 Jan 202203:40	–	cve
Cvelist	CVE-2021-43946	5 Jan 202203:40	–	cvelist
Tenable Nessus	Atlassian Jira < 8.21.0 Broken Access Control (JRASERVER-73071)	27 Jan 202200:00	–	nessus
Atlassian	Unauthorized user can add administrator groups to filter subscriptions - CVE-2021-43946	30 Nov 202118:48	–	atlassian
NVD	CVE-2021-43946	5 Jan 202204:15	–	nvd
Prion	Improper access control	5 Jan 202204:15	–	prion
Positive Technologies	PT-2022-11946 · Atlassian · Jira	5 Jan 202200:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "85f3e1c3-ae10-319c-bab5-a778e4041831",
        "vendor": {
          "name": "Atlassian"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "05ef6551-0340-38ac-8b57-1a9a211c96be",
        "product": {
          "name": "Jira Data Center"
        },
        "product_version": "8.14.0 <unspecified"
      },
      {
        "id": "44521b7a-ed52-35fe-ac8c-f52223488b7d",
        "product": {
          "name": "Jira Data Center"
        },
        "product_version": "unspecified <8.20.9"
      },
      {
        "id": "64ca025d-df6f-3ffe-89ad-78f0b136dafb",
        "product": {
          "name": "Jira Server"
        },
        "product_version": "unspecified <8.13.21"
      },
      {
        "id": "7fd4f41f-047a-35f9-a93b-420acee2f70f",
        "product": {
          "name": "Jira Server"
        },
        "product_version": "unspecified <8.20.9"
      },
      {
        "id": "8d17e75c-8618-33f5-af06-36aca7b73630",
        "product": {
          "name": "Jira Server"
        },
        "product_version": "8.14.0 <unspecified"
      },
      {
        "id": "95cb04ba-d31f-3650-a8e0-eacec665535d",
        "product": {
          "name": "Jira Data Center"
        },
        "product_version": "unspecified <8.13.21"
      }
    ]
  }
]

Source	Link
jira	www.jira.atlassian.com/browse/JRASERVER-73071

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.5

CVSS 24

EPSS0.00285

SSVC

atlassian jira vulnerability broken access control administrator groups filter subscriptions