6 matches found
Atlassian Jira 8.7.0 < 8.13.12 Non-Administrators Able To Configure Replication Settings
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.21.0. It is, therefore, affected by a vulnerability which permits authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken...
Atlassian Jira < 8.6.0 / 8.7.x < 8.13.12 / 8.14.x < 8.20.1 / 8.21.0 (JRASERVER-72940)
The version of Atlassian Jira installed on the remote host is prior to 8.6.0 / 8.7.x 8.13.12 / 8.14.x 8.20.1 / 8.21.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-72940 advisory. - Non-administrators can edit the File Replication settings - CVE-2021-41308...
CVE-2021-41308
Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...
PT-2021-23262 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.6.0 Atlassian Jira Server and Data Center versions 8.7.0 through 8.13.12 Atlassian Jira Server and Data Center versions 8.14.0 through 8.20.1 Description: The issue allows authenticate...
Atlassian Jira 安全漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira that originates in the Atlassian Jira server and data center that allows remot...
Non-administrators can edit the File Replication settings - CVE-2021-41308
Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...