Atlassian Jira < 8.6.0 / 8.7.x < 8.13.12 / 8.14.x < 8.20.1 / 8.21.0 (JRASERVER-72940)

The version of Atlassian Jira installed on the remote host is prior to 8.6.0 / 8.7.x 8.13.12 / 8.14.x 8.20.1 / 8.21.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72940 advisory. - Non-administrators can edit the File Replication settings - CVE-2021-41308...

PT-2021-23262 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.6.0 Atlassian Jira Server and Data Center versions 8.7.0 through 8.13.12 Atlassian Jira Server and Data Center versions 8.14.0 through 8.20.1 Description: The issue allows authenticate...

Non-administrators can edit the File Replication settings - CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...