4.3
CVE-2021-43948
- EPSS 0.37%
- Veröffentlicht 15.02.2022 04:15:07
- Zuletzt bearbeitet 21.11.2024 06:30:03
- Quelle security@atlassian.com
- CVE-Watchlists
- Unerledigt
LoginAffected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the "Move objects" feature. The affected versions are before version 4.21.0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Atlassian ≫ Jira Service Management SwEditiondata_center Version < 4.21.0
Atlassian ≫ Jira Service Management SwEditionserver Version < 4.21.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.581 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|