CVE-2021-43949
published 2022-01-10CVE-2021-43949: Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access Control vulnerability in the Custom Fields feature. The affected versions are before version 4.21.0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | jira_service_management | < 4.21.0 | 4.21.0 |
| atlassian | jira_service_management_data_center | >= unspecified < 4.21.0 | 4.21.0 |
| atlassian | jira_service_management_server | >= unspecified < 4.21.0 | 4.21.0 |