EUVD-2025-35606

🗓️ 22 Oct 2025 18:30:38Reported by EUVDType

Authorization flaw in Jira Align lets a low privilege user access endpoints and view a private checklist's steps.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-22168	22 Oct 202517:13	–	circl
CNNVD	Atlassian Jira Align 安全漏洞	22 Oct 202500:00	–	cnnvd
CVE	CVE-2025-22168	22 Oct 202516:30	–	cve
Cvelist	CVE-2025-22168	22 Oct 202516:30	–	cvelist
NVD	CVE-2025-22168	22 Oct 202517:15	–	nvd
OSV	CVE-2025-22168	22 Oct 202517:15	–	osv
RedhatCVE	CVE-2025-22168	23 Oct 202518:14	–	redhatcve
Vulnrichment	CVE-2025-22168	22 Oct 202516:30	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "02aa2e6c-03eb-3ba1-b570-8cc39cb8c7cb",
        "vendor": {
          "name": "Atlassian"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "26a455d6-0968-38fa-bf6b-18c5ddebfec9",
        "product": {
          "name": "Jira Align"
        },
        "product_version": "11.14.1"
      },
      {
        "id": "568520ff-82f4-35de-be20-f6ce3d32272a",
        "product": {
          "name": "Jira Align"
        },
        "product_version": "11.14.0"
      },
      {
        "id": "80e5ca61-fd8c-3a9d-8e1f-413a09b8f71b",
        "product": {
          "name": "Jira Align"
        },
        "product_version": ""
      },
      {
        "id": "c0170506-0650-3b12-bfbb-ecd4cf712dbf",
        "product": {
          "name": "Jira Align"
        },
        "product_version": "11.16.0"
      },
      {
        "id": "c781d153-b8a3-3329-866a-bc469ddeeed2",
        "product": {
          "name": "Jira Align"
        },
        "product_version": "11.15.0"
      },
      {
        "id": "d4e12caa-a1d6-3790-8b9c-91347ea3ed0c",
        "product": {
          "name": "Jira Align"
        },
        "product_version": "11.15.1"
      }
    ]
  }
]

Source	Link
jira	www.jira.atlassian.com/browse/JIRAALIGN-8637
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-22168

22 Oct 2025 18:30Current

6.2Medium risk

Vulners AI Score6.2

CVSS 45.3

EPSS0.00037