What is CVE-2019-8443?

CVE-2019-8443 is a high-severity vulnerability in Atlassian Jira, classified under Improper Authentication. CVSS score: 8.1/10. Published 2019-05-22.

How severe is CVE-2019-8443?

High severity. CVSS v3 base score is 8.1 out of 10.

Auth bypass in Atlassian Jira

CVE-2019-8443

The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpg…

Vulnerability class: Broken Authentication

EPSS: 0.026 (83.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Atlassian Jira — versions unspecified, 8.0.0, unspecified
Atlassian Jira_server

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

security@atlassian.com (x_refsource_MISC, Issue Tracking, Vendor Advisory)
security@atlassian.com (vdb-entry, Broken Link, x_refsource_BID)

Frequently asked questions

What is CVE-2019-8443?: CVE-2019-8443 is a high-severity vulnerability in Atlassian Jira, classified under Improper Authentication. CVSS score: 8.1/10. Published 2019-05-22.
How severe is CVE-2019-8443?: High severity. CVSS v3 base score is 8.1 out of 10.