VDB
CNVD-2022-51199
CNVD-2022-51199
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Atlassian Jira是Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian System dashboard-Jira存在未授权访问漏洞,攻击者可利用该漏洞获取敏感信息。
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| atlassian | jira_data_center | 0, 8.6.0, 8.14.0 |
| Atlassian | Jira Server | 8.6.0, *, unspecified |
| Atlassian | Jira Data Center | 8.14.0, 8.6.0, unspecified |
| atlassian | jira_server | 8.14.0, 8.6.0, 0 |
Exploit Intelligence
- Confluence server webwork OGNL injection (github-poc)
- Confluence server webwork OGNL injection (github-poc)
- Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086) (github-poc)
- Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086) (github-poc)
- Confluence OGNL Injection [CVE-2021-26084]. (github-poc)
- Confluence OGNL Injection [CVE-2021-26084]. (github-poc)
- CIRCL exploited: CVE-2021-26086 (circl-sighting)
- CIRCL seen: CVE-2021-26086 (circl-sighting)
- CIRCL seen: CVE-2021-26086 (circl-sighting)
- CIRCL seen: CVE-2021-26086 (circl-sighting)
…and 89 more exploits
Timeline
- Aug 16, 2021 CVE Published
- Nov 12, 2024 PoC Published
- Nov 12, 2024 PoC Published
- Nov 12, 2024 PoC Published
- Nov 14, 2024 PoC Published
- Jan 26, 2025 PoC Published
- Jan 27, 2025 PoC Published
- Jan 28, 2025 PoC Published
- Jan 29, 2025 PoC Published
- Jan 30, 2025 PoC Published
- Jan 31, 2025 PoC Published
- Feb 1, 2025 PoC Published