Jira Data Center Security Vulnerabilities and Issues — Jira Data Center CVE List

Lucene search

AtlassianJira Data Center

9 matches found

CVE•added 2024/06/18 5:15 p.m.•125 views

CVE-2024-21685

This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information Disclosure ...

7.4CVSS7.2AI score0.00275EPSS

CVE•added 2022/08/01 11:15 a.m.•100 views

CVE-2022-36799

This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template ...

7.2CVSS7.5AI score0.03428EPSS

CVE•added 2022/03/08 2:15 a.m.•92 views

CVE-2021-43944

7.2CVSS7.6AI score0.02123EPSS

CVE•added 2021/09/16 6:15 a.m.•76 views

CVE-2021-39128

Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected versions of Jira Ser...

7.2CVSS7.3AI score0.00712EPSS

CVE•added 2020/09/01 5:15 a.m.•70 views

CVE-2020-14178

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the /browse.PROJECTKEY endpoint. The affected versions are before version 7.13.7, from version 8.0.0 before 8.5.8, and from version 8.6.0 before...

7.5CVSS7.3AI score0.01369EPSS

CVE•added 2021/08/30 7:15 a.m.•65 views

CVE-2021-39113

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature. The affected versions are before version 8.13.9, and from version 8.14.0 ...

7.5CVSS7.4AI score0.00558EPSS

CVE•added 2020/07/01 2:15 a.m.•61 views

CVE-2020-14167

The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability.

7.5CVSS7.4AI score0.00915EPSS

CVE•added 2020/07/03 2:15 a.m.•56 views

CVE-2019-20419

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 before 8.7.2.

7.8CVSS7.9AI score0.0082EPSS

CVE•added 2020/06/29 6:15 a.m.•49 views

CVE-2019-20413

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa page. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2.

7.5CVSS7.4AI score0.00843EPSS