Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Atlassian Jira Improper Authentication Vulnerability - CVE-2021-43946 - Vulnerability Database
Atlassian Jira

Atlassian Jira Improper Authentication Vulnerability - CVE-2021-43946

Medium
Reference: CVE-2021-43946
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-43946
Title: Atlassian Jira Improper Authentication Vulnerability
Overview:

Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before version 8.21.0.