CVE-2021-41312

CVE-2021-41312

Vendor Atlassian
Product Jira Server
Weakness CWE-287 · Improper authentication
Published November 3, 2021
Last update October 10, 2024

CVSS base score

What the vulnerability does

01Description

Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1.

Key dates

02Disclosure timeline

November 3, 2021 CVE published
October 10, 2024 Record updated