Atlassian Jira Server Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Version

8.0	86
8.1	86
8.2	86
8.3	86
8.4	86

Remediation

Official Fix	118
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	0

Exploitability

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	118

Access Vector

Not Defined	0
Physical	0
Local	0
Adjacent	6
Network	112

Authentication

Not Defined	0
High	8
Low	58
None	52

User Interaction

Not Defined	0
Required	30
None	88

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	20
≤5	42
≤6	26
≤7	18
≤8	8
≤9	4
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	20
≤5	42
≤6	28
≤7	22
≤8	2
≤9	4
≤10	0

VulDB

≤1	0
≤2	0
≤3	4
≤4	22
≤5	44
≤6	26
≤7	8
≤8	14
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	12
≤6	22
≤7	12
≤8	14
≤9	4
≤10	4

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	48
<2k	46
<5k	24
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Today

<1k	118
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Versions (221): 2, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 4.0, 4.2, 4.13, 4.13.1, 4.13.2, 4.13.3, 4.13.4, 4.13.5, 4.13.6, 4.13.7, 4.13.8, 4.13.9, 4.13.11, 4.13.12, 4.13.13, 4.13.14, 4.13.15, 4.13.16, 4.13.17, 4.13.18, 4.13.19, 4.13.21, 4.20.1, 4.20.2, 4.20.3, 4.20.4, 4.20.5, 4.20.6, 4.20.7, 4.20.8, 4.20.9, 4.22, 4.22.1, 4.22.2, 4.22.3, 5.0, 6.0, 6.1, 6.2, 7, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.1, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.6.2, 7.6.3, 7.6.4, 7.6.5, 7.6.6, 7.6.7, 7.6.8, 7.6.9, 7.6.11, 7.6.12, 7.6.13, 7.6.14, 7.6.15, 7.6.16, 7.7, 7.7.1, 7.7.2, 7.7.3, 7.7.4, 7.8, 7.8.1, 7.8.2, 7.8.3, 7.8.4, 7.9, 7.9.1, 7.9.2, 7.10, 7.10.1, 7.10.2, 7.11, 7.11.1, 7.12, 7.13, 7.13.1, 7.13.2, 7.13.3, 7.13.4, 7.13.5, 7.13.6, 7.13.7, 7.13.8, 7.13.9, 7.13.11, 7.13.12, 7.13.13, 7.13.14, 7.13.15, 7.13.16, 7.13.17, 8, 8.0, 8.0.1, 8.0.2, 8.1, 8.1.1, 8.1.2, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.3, 8.3.1, 8.3.2, 8.3.3, 8.4, 8.4.1, 8.5, 8.5.1, 8.5.2, 8.5.3, 8.5.4, 8.5.5, 8.5.6, 8.5.7, 8.5.8, 8.5.9, 8.5.11, 8.5.12, 8.5.13, 8.5.14, 8.5.15, 8.5.16, 8.5.17, 8.5.18, 8.6, 8.6.1, 8.7, 8.7.1, 8.8, 8.8.1, 8.9, 8.9.1, 8.10, 8.10.1, 8.11, 8.12, 8.12.1, 8.12.2, 8.13, 8.13.1, 8.13.2, 8.13.3, 8.13.4, 8.13.5, 8.13.6, 8.13.7, 8.13.8, 8.13.9, 8.13.11, 8.13.12, 8.13.13, 8.13.14, 8.13.15, 8.13.16, 8.13.17, 8.13.18, 8.13.19, 8.13.21, 8.14, 8.15, 8.16, 8.17, 8.18, 8.18.1, 8.19, 8.20, 8.20.1, 8.20.2, 8.20.3, 8.20.4, 8.20.5, 8.20.6, 8.20.7, 8.20.8, 8.20.9, 8.21, 8.22, 8.22.1, 8.22.2, 8.22.3

Link to Product Website: https://www.atlassian.com/

Software Type: Bug Tracking Software

Published	Base	Temp	Vulnerability	0day	Today	Exp	Rem	CTI	CVE
08/10/2022	4.3	4.1	Atlassian Jira Server/Jira Data Center TeamManagement.jspa cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2022-36801
08/01/2022	4.7	4.5	Atlassian JIRA Server/Data Center Velocity Template code injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01	CVE-2022-36799
06/30/2022	6.4	6.2	Atlassian Jira Server/Jira Data Center Mobile Plugin server-side request forgery	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2022-26135
04/21/2022	7.3	7.0	Atlassian JIRA Server/Data Center Seraph improper authentication	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2022-0540
03/08/2022	4.7	4.5	Atlassian JIRA Server/Data Center Email Template injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2021-43944
02/28/2022	2.4	2.3	Atlassian JIRA Server/Data Center hierarchyConfiguration cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-43945
02/15/2022	4.3	4.1	Atlassian JIRA Server/Data Center Thread Contention/CPU Monitoring Service ViewInstrumentation.jspa cross-site request forgery	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-43953
02/15/2022	4.3	4.1	Atlassian JIRA Server/Data Center RestoreDefaults.jspa cross-site request forgery	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-43952
02/15/2022	4.3	4.1	Atlassian JIRA Server/Data Center Jira-importers-plugin CsvFieldMappingsPage.jspa cross-site request forgery	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-43941
01/06/2022	4.7	4.5	Atlassian JIRA Server/Data Center Email Template Privilege Escalation	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-43947
01/05/2022	6.3	6.0	Atlassian JIRA Server/Data Center Filter Subscription EditSubscription.jspa access control	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2021-43946
01/04/2022	3.5	3.4	Atlassian JIRA Server/Data Center Endpoint custom cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-43942
12/08/2021	7.3	7.0	Atlassian JIRA Server/Data Center Roles Settings roles improper authentication	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2021-41311
12/08/2021	7.3	7.0	Atlassian JIRA Server/Data Center Service Management Project resource improper authentication	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41309
11/03/2021	7.4	7.2	Atlassian JIRA Server/Data Center Jira Service Management Project ViewCollectors improper authentication	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41312
11/02/2021	4.8	4.7	Atlassian JIRA Server/Data Center Associated Project AssociatedProjectsForCustomField.jspa cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41310
11/01/2021	5.3	5.2	Atlassian JIRA Server/Data Center Email Batch Confirguation ConfigureBatching!default.jspa improper authorization	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41313
10/26/2021	4.8	4.7	Atlassian JIRA Server/Data Center Error Message ImporterFinishedPage.jspa cross site scripting	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41304
10/26/2021	6.4	6.2	Atlassian JIRA Server/Data Center File Replication Setting ReplicationSettings!default.jspa improper authorization	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41308
10/26/2021	7.4	7.2	Atlassian JIRA Server/Data Center Private Project resource injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-41307
10/26/2021	5.9	5.8	Atlassian JIRA Server/Data Center Private Project resource injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2021-41306
10/26/2021	7.4	7.2	Atlassian JIRA Server/Data Center Project resource injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2021-41305
10/21/2021	5.8	5.7	Atlassian JIRA Server/Data Center JQL Endpoint access control	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2021-39127
10/21/2021	6.1	6.1	Atlassian JIRA Server/Data Center Referer cross-site request forgery	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2021-39126
09/16/2021	4.7	4.5	Atlassian JIRA Server/Data Center Service Management Addon injection	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-39128

92 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 92 results.

more entries by Atlassian

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!