Description

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.

Remediation

References

CVE-2021-39127

Related Vulnerabilities

MySQL CVE-2019-2617 Vulnerability (CVE-2019-2617)

Joomla! Core 3.0.x Security Bypass (3.0.0 - 3.0.3)

MySQL CVE-2013-1548 Vulnerability (CVE-2013-1548)

MySQL CVE-2019-2812 Vulnerability (CVE-2019-2812)

MySQL CVE-2014-6496 Vulnerability (CVE-2014-6496)

Severity

Medium

Classification

CVE-2021-39127 CWE-668

Tags

Missing Update Known Vulnerabilities