Atlassian Jira Insufficient Session Expiration Vulnerability - CVE-2021-39113 - Vulnerability Database

Atlassian Jira Insufficient Session Expiration Vulnerability - CVE-2021-39113

High

Reference: CVE-2021-39113

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-39113

Title: Atlassian Jira Insufficient Session Expiration Vulnerability

Overview:

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions via a Broken Access Control vulnerability in the allowlist feature. The affected versions are before version 8.13.9 and from version 8.14.0 before 8.18.0.