Lucene search
+L

4 matches found

nvd
nvd
added 2021/12/08 4:15 a.m.19 views

CVE-2021-41309

Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The...

5.3CVSS0.00804EPSS
Exploits0References1
cve
cve
added 2021/12/08 3:35 a.m.69 views

CVE-2021-41309

The CVE-2021-41309 issue affects Atlassian Jira Server and Data Center (pre-8.19.1) and is due to a Broken Authentication flaw in the /plugins/servlet/audit/resource endpoint. A user whose Jira Service Management access has been revoked can export audit logs from another user’s project. Reported ...

5.3CVSS5.2AI score0.00804EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2021/10/27 12:0 a.m.4 views

CVE-2021-41309

Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The...

5.3CVSS6AI score0.00804EPSS
Exploits0References2
atlassian
atlassian
added 2021/09/15 1:19 a.m.44 views

Access-revoked user can view audit logs of Jira Projects - CVE-2021-41309

Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The...

5.3CVSS5.8AI score0.00804EPSS
Exploits0Affected Software1
Rows per page
Query Builder