Auth bypass in Atlassian Jira Data Center
CVE-2021-41311
Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects' Users & Roles settings, via a Broken Authentication vulnerability in the…
Vulnerability class: Broken Authentication
EPSS: 0.002 (40.5th percentile)
Affected products
- Atlassian Jira Data Center — versions unspecified
- Atlassian Jira Server — versions unspecified
Weakness classification (CWE)
References
- jira.atlassian.com/browse/JRASERVER-72802 (x_refsource_MISC)