Jira Software Data Center Security Vulnerabilities and Issues — Jira Software Data Center CVE List

Lucene search

AtlassianJira Software Data Center

8 matches found

CVE•added 2020/07/13 1:15 a.m.•90 views

CVE-2019-20898

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.

7.5CVSS7.3AI score0.00292EPSS

CVE•added 2020/09/01 5:15 a.m.•70 views

CVE-2020-14178

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the /browse.PROJECTKEY endpoint. The affected versions are before version 7.13.7, from version 8.0.0 before 8.5.8, and from version 8.6.0 before...

7.5CVSS7.3AI score0.01369EPSS

CVE•added 2021/10/26 5:15 a.m.•69 views

CVE-2021-41305

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view the names of private projects and filters via an Insecure Direct Object References (IDOR) vulnerability in the Average Number of Times in Status Gadget. The affected versions are before version 8.13....

7.5CVSS7.4AI score0.00414EPSS

CVE•added 2021/10/26 5:15 a.m.•67 views

CVE-2021-41306

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in the Average Time in Status Gadget. The affected versions are before version 8.13.12, and from version...

7.5CVSS7.4AI score0.00735EPSS

CVE•added 2020/07/01 2:15 a.m.•61 views

CVE-2020-14167

The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability.

7.5CVSS7.4AI score0.00915EPSS

CVE•added 2021/10/26 5:15 a.m.•58 views

CVE-2021-41307

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.1...

7.5CVSS7.5AI score0.01264EPSS

CVE•added 2020/06/29 6:15 a.m.•49 views

CVE-2019-20413

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa page. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2.

7.5CVSS7.4AI score0.00843EPSS

CVE•added 2021/12/08 4:15 a.m.•43 views

CVE-2021-41311

Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects' Users & Roles settings, via a Broken Authentication vulnerability in the /plugins/servlet/project-config/PROJECT/roles endpoint. The...

7.5CVSS7.4AI score0.00188EPSS