Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.12, and from version 8.14.0 before 8.20.0.
History

Wed, 09 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Atlassian jira Data Center
CPEs cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*
Vendors & Products Atlassian jira Data Center
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: atlassian

Published: 2021-10-26T04:15:21.297549Z

Updated: 2024-10-09T19:20:41.686Z

Reserved: 2021-09-16T00:00:00

Link: CVE-2021-41307

cve-icon Vulnrichment

Updated: 2024-08-04T03:08:31.948Z

cve-icon NVD

Status : Modified

Published: 2021-10-26T05:15:07.437

Modified: 2024-11-21T06:26:00.960

Link: CVE-2021-41307

cve-icon Redhat

No data.