Atlassian Jira Align
By the Year
In 2023 there have been 0 vulnerabilities in Atlassian Jira Align . Last year Jira Align had 2 security vulnerabilities published. Right now, Jira Align is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 2 | 6.85 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Jira Align vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Atlassian Jira Align Security Vulnerabilities
The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2
CVE-2022-36803
8.8 - High
- October 14, 2022
The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. This vulnerability was reported by Jacob Shafer from Bishop Fox.
Incorrect Default Permissions
The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2
CVE-2022-36802
4.9 - Medium
- October 14, 2022
The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2 allows remote attackers to exploit this issue to access internal network resources via a Server-Side Request Forgery. This can be exploited by a remote, unauthenticated attacker with Super Admin privileges by sending a specially crafted HTTP request.
XSPA
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Atlassian Jira Align or by Atlassian? Click the Watch button to subscribe.
