Jira 漏洞

时间轴

去年

版本

8.0	97
8.1	95
8.2	90
8.3	89
8.4	84

修正

Official Fix	203
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	31

易受攻击性

High	4
Functional	0
Proof-of-Concept	4
Unproven	0
Not Defined	226

访问向量

Not Defined	0
Physical	0
Local	5
Adjacent	9
Network	220

身份验证

Not Defined	0
High	14
Low	101
None	119

用户交互

Not Defined	0
Required	54
None	180

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	25
≤5	72
≤6	76
≤7	32
≤8	20
≤9	6
≤10	2

CVSSv3 Temp

≤1	0
≤2	0
≤3	1
≤4	27
≤5	77
≤6	76
≤7	36
≤8	9
≤9	6
≤10	2

VulDB

≤1	0
≤2	0
≤3	8
≤4	33
≤5	71
≤6	72
≤7	21
≤8	27
≤9	0
≤10	2

NVD

≤1	0
≤2	0
≤3	0
≤4	3
≤5	32
≤6	44
≤7	42
≤8	19
≤9	15
≤10	6

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	0
≤7	0
≤8	0
≤9	0
≤10	2

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	1

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	65
<2k	122
<5k	45
<10k	1
<25k	1
<50k	0
<100k	0
≥100k	0

本日攻击

<1k	233
<2k	0
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (414): 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 1.0, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.1.9, 1.1.11, 1.1.12, 1.1.13, 1.1.14, 1.1.15, 1.1.16, 1.1.17, 1.1.18, 1.1.19, 1.2, 1.3, 1.3.1, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 2, 2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.165.v8846cf59f3db, 2.1, 2.2, 2.3, 2.4, 2.4.6, 2.5, 2.6, 3, 3.0, 3.0.1, 3.1, 3.1.1, 3.2, 3.3, 3.4, 3.4.3, 3.5, 3.6, 3.6.2 156, 3.7, 3.8, 3.9, 3.9.1, 3.9.2, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 3.9.8, 3.9.9, 3.9.11, 3.9.12, 3.9.13, 3.9.14, 3.9.15, 3.9.16, 3.10, 3.10.1, 3.10.2, 3.10.3, 3.10.4, 3.10.5, 3.10.6, 3.10.7, 3.10.8, 3.10.9, 3.11, 3.12, 3.12.1, 3.12.2, 3.12.3, 3.13, 3.13.1, 3.13.2, 3.13.3, 3.13.4, 3.13.5, 3.16, 3.16.1, 3.16.2, 3.16.3, 3.16.4, 3.16.5, 3.16.6, 3.16.7, 3.16.8, 4.0, 4.0.1, 4.0.2, 4.1, 4.1.1, 4.1.2, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.3, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4, 4.4.1, 4.4.2, 4.5, 4.6, 4.7, 4.8, 4.9, 4.10, 4.11, 4.12, 4.13, 4.13.1, 4.13.2, 4.13.3, 4.13.4, 4.13.5, 4.13.6, 4.13.7, 4.13.8, 4.13.9, 4.13.11, 4.13.12, 4.13.13, 4.13.14, 4.13.15, 4.13.16, 4.13.17, 4.13.18, 4.13.19, 4.13.21, 4.14, 4.15, 4.16, 4.17, 4.18, 4.19, 4.20, 4.20.1, 4.20.2, 4.20.3, 4.20.4, 4.20.5, 4.20.6, 4.20.7, 4.20.8, 4.20.9, 4.22, 4.22.1, 4.22.2, 4.22.3, 5.0, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 6.9, 6.10, 6.11, 6.12, 6.13, 6.14, 6.15, 6.16, 6.17, 6.18, 6.19, 6.20, 6.21, 6.22, 6.23, 6.24, 6.25, 6.26, 6.27, 6.28, 6.29, 7, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.1, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.2, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.11, 7.3, 7.4, 7.4.1, 7.5, 7.5.1, 7.5.2, 7.5.3, 7.6, 7.6.1, 7.6.2, 7.6.3, 7.6.4, 7.6.5, 7.6.6, 7.6.7, 7.6.8, 7.6.9, 7.6.11, 7.6.12, 7.6.13, 7.6.14, 7.6.15, 7.6.16, 7.7, 7.7.1, 7.7.2, 7.7.3, 7.7.4, 7.8, 7.8.1, 7.8.2, 7.8.3, 7.8.4, 7.9, 7.9.1, 7.9.2, 7.10, 7.10.1, 7.10.2, 7.11, 7.11.1, 7.11.2, 7.12, 7.12.1, 7.12.2, 7.12.3, 7.13, 7.13.1, 7.13.2, 7.13.3, 7.13.4, 7.13.5, 7.13.6, 7.13.7, 7.13.8, 7.13.9, 7.13.11, 7.13.12, 7.13.13, 7.13.14, 7.13.15, 7.13.16, 7.13.17, 8, 8.0, 8.0.1, 8.0.2, 8.0.3, 8.1, 8.1.1, 8.1.2, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.3, 8.3.1, 8.3.2, 8.3.3, 8.4, 8.4.1, 8.4.2, 8.5, 8.5.1, 8.5.2, 8.5.3, 8.5.4, 8.5.5, 8.5.6, 8.5.7, 8.5.8, 8.5.9, 8.5.11, 8.5.12, 8.5.13, 8.5.14, 8.5.15, 8.5.16, 8.5.17, 8.5.18, 8.6, 8.6.1, 8.7, 8.7.1, 8.8, 8.8.1, 8.9, 8.9.1, 8.10, 8.10.1, 8.11, 8.12, 8.12.1, 8.12.2, 8.13, 8.13.1, 8.13.2, 8.13.3, 8.13.4, 8.13.5, 8.13.6, 8.13.7, 8.13.8, 8.13.9, 8.13.11, 8.13.12, 8.13.13, 8.13.14, 8.13.15, 8.13.16, 8.13.17, 8.13.18, 8.13.19, 8.13.21, 8.14, 8.15, 8.16, 8.17, 8.18, 8.18.1, 8.19, 8.20, 8.20.1, 8.20.2, 8.20.3, 8.20.4, 8.20.5, 8.20.6, 8.20.7, 8.20.8, 8.20.9, 8.21, 8.22, 8.22.1, 8.22.2, 8.22.3

Link to Product Website: https://www.microsoft.com/

已发布	Base	Temp	漏洞	0day	今天	易	修正	CTI	CVE
2024-02-13	9.8	9.1	Microsoft Entra Jira Single-Sign-On Plugin Remote Code Execution	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2024-21401
2023-11-29	5.0	5.0	Jira Plugin Credentials Lookup 权限升级	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-49653
2023-10-07	3.4	3.3	Discourse-jira 信息公开	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-44384
2023-07-07	3.4	3.4	Apache Camel JIRA Temporary Files 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.01	CVE-2023-34442
2023-07-05	6.0	6.0	icingaweb2-module-jira 跨网站请求伪造	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-30607
2023-06-26	4.4	4.4	Atlassian Jira TechTime User Management 跨网站脚本	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2023-36662
2023-02-01	8.3	8.3	Atlassian Jira Service Management Server and Data Center 弱身份验证	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2023-22501
2023-01-27	6.5	6.5	JIRA Pipeline Steps Plugin 跨网站请求伪造	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-24437
2023-01-27	4.5	4.5	JIRA Pipeline Steps Plugin Controller File System 信息公开	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-24439
2023-01-27	5.0	5.0	JIRA Pipeline Steps Plugin Credentials 权限升级	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-24438
2023-01-27	4.6	4.6	JIRA Pipeline Steps Plugin Configuration Form 弱加密	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2023-24440
2022-10-14	5.5	5.3	Atlassian Jira Align MasterUserEdit API 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-36803
2022-10-14	6.1	6.0	Atlassian Jira Align ManageJiraConnectors API 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-36802
2022-08-10	4.3	4.1	Atlassian Jira Server/Jira Data Center TeamManagement.jspa 跨网站脚本	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2022-36801
2022-08-03	4.3	4.1	Atlassian Jira Service Management Server/Data Center Group browsegroups.action 信息公开	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-36800
2022-08-01	4.7	4.5	Atlassian JIRA Server/Data Center Velocity Template 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01	CVE-2022-36799
2022-07-26	6.0	5.9	Atlassian Jira Service Management Server/Data Center JSM Insight 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2021-43959
2022-07-21	7.5	7.4	Atlassian Jira Servlet Filter 未知漏洞	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2022-26136
2022-07-21	8.0	7.9	Atlassian Jira HTTP Request Remote Code Execution	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-26137
2022-07-07	4.4	4.4	Appfire Jira Misc Custom Fields App Project Name 跨网站脚本	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-32567
2022-06-30	6.4	6.2	Atlassian Jira Server/Jira Data Center Mobile Plugin 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2022-26135
2022-04-21	7.3	7.0	Atlassian JIRA Server/Data Center Seraph 弱身份验证	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2022-0540
2022-04-13	3.5	3.5	Jira Plugin 跨网站脚本	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2022-29041
2022-03-08	4.7	4.5	Atlassian JIRA Server/Data Center Email Template 权限升级	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2021-43944
2022-02-28	2.4	2.3	Atlassian JIRA Server/Data Center hierarchyConfiguration 跨网站脚本	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-43945

Jira 漏洞

时间轴

去年

版本

修正

易受攻击性

访问向量

身份验证

用户交互

C3BM Index

去年

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

供应商

Research

零日攻击

本日攻击

攻击市场容量

去年

🔴 CTI 活动

🔒 Login Required

Do you know our Splunk app?