Atlassian Jira Align
By the Year
In 2024 there have been 0 vulnerabilities in Atlassian Jira Align . Jira Align did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 6.85 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Jira Align vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Atlassian Jira Align Security Vulnerabilities
The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2
CVE-2022-36803
8.8 - High
- October 14, 2022
The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. This vulnerability was reported by Jacob Shafer from Bishop Fox.
Incorrect Default Permissions
The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2
CVE-2022-36802
4.9 - Medium
- October 14, 2022
The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2 allows remote attackers to exploit this issue to access internal network resources via a Server-Side Request Forgery. This can be exploited by a remote, unauthenticated attacker with Super Admin privileges by sending a specially crafted HTTP request.
XSPA
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Atlassian Jira Align or by Atlassian? Click the Watch button to subscribe.
