10 matches found
EUVD-2021-28341
Malicious code in bioql PyPI...
Users who don't have Jira administrators global permission can create issue collectors
h3. Issue Summary The following description exists in our document "Using the issue collector|https://confluence.atlassian.com/adminjiraserver0912/using-the-issue-collector-1346047512.html" code For all of the following procedures, you must be logged in as a user with the Jira administrators glob...
Atlassian Jira < 8.19.1 Improper Authentication
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 8.5.x prior to 8.19.1. It is, therefore, affected by a vulnerability allowing a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issu...
Atlassian Jira 8.5.x < 8.19.1 (JRASERVER-72801)
The version of Atlassian Jira installed on the remote host is prior to 8.5.x 8.19.1. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72801 advisory. - Access-revoked user can enable/disable Issue Collectors on a Jira project - CVE-2021-41312 CVE-2021-41312 Note that...
CVE-2021-41312
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors...
Authentication flaw
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors...
CVE-2021-41312
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors...
CVE-2021-41312
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors...
PT-2021-23267 · Atlassian · Jira Service Management Server +1
Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.19.1 Description: The issue allows a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management...
Access-revoked user can enable/disable Issue Collectors on a Jira project - CVE-2021-41312
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors...