Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access Control vulnerability in the Custom Fields feature. The affected versions are before version 4.21.0.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-30811 Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access Control vulnerability in the Custom Fields feature. The affected versions are before version 4.21.0.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 07 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: atlassian

Published:

Updated: 2024-10-04T18:11:30.539Z

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-43949

cve-icon Vulnrichment

Updated: 2024-08-04T04:10:16.282Z

cve-icon NVD

Status : Modified

Published: 2022-01-10T16:15:09.587

Modified: 2024-11-21T06:30:04.100

Link: CVE-2021-43949

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.