Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the "Move objects" feature. The affected versions are before version 4.21.0.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JSDSERVER-10981 |
History
Tue, 08 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2022-02-15T03:35:10.202942Z
Updated: 2024-10-08T17:38:45.124Z
Reserved: 2021-11-16T00:00:00
Link: CVE-2021-43948
Vulnrichment
Updated: 2024-08-04T04:10:17.270Z
NVD
Status : Analyzed
Published: 2022-02-15T04:15:07.280
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-43948
Redhat
No data.