4 matches found
CVE-2021-41309
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The...
CVE-2021-41309
The CVE-2021-41309 issue affects Atlassian Jira Server and Data Center (pre-8.19.1) and is due to a Broken Authentication flaw in the /plugins/servlet/audit/resource endpoint. A user whose Jira Service Management access has been revoked can export audit logs from another user’s project. Reported ...
CVE-2021-41309
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The...
Access-revoked user can view audit logs of Jira Projects - CVE-2021-41309
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The...