Atlassian Jira Service Management Server
13 CVEs affecting Atlassian Jira Service Management Server. Latest disclosed: 2025-05-20. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-22501 | Critical | 9.4 | 2023-02-01 | An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain… |
| CVE-2025-22157 | | | 2025-05-20 | This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Se… |
| CVE-2022-36800 | | | 2022-08-03 | Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via a… |
| CVE-2021-43959 | | | 2022-07-26 | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to access the content of internal network re… |
| CVE-2022-26137 | | | 2022-07-20 | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application… |
| CVE-2022-26136 | | | 2022-07-20 | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impa… |
| CVE-2022-26135 | | | 2022-06-30 | A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to p… |
| CVE-2022-0540 | | | 2022-04-20 | A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atl… |
| CVE-2021-43943 | | | 2022-02-24 | Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScr… |
| CVE-2021-43948 | | | 2022-02-15 | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an… |
| CVE-2021-43950 | | | 2022-02-15 | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration informat… |
| CVE-2021-43949 | | | 2022-01-10 | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access… |
| CVE-2021-43951 | | | 2022-01-10 | Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details… |