QwikSec

Security Database

CVE

CWE

Training

CVE-2021-41312

Published: Nov 3, 2021

Modified: Oct 10, 2024

PUBLISHED

Description

Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1.

Vendor	Product	Versions
Atlassian	Jira Server	affected `unspecified - < 8.19.1`
Atlassian	Jira Data Center	affected `unspecified - < 8.19.1`

Weaknesses (CWE)

References

https://jira.atlassian.com/browse/JRASERVER-72801

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2021-41312 - Security Vulnerability | QwikSec