Atlassian Jira Service Desk Server vulnerabilities
5 known vulnerabilities affecting atlassian/jira_service_desk_server.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-39115HIGHCVSS 7.2≥ unspecified, < 4.13.9≥ 4.14.0, < unspecified+1 more2021-09-01
CVE-2021-39115 [HIGH] CWE-96 CVE-2021-39115: Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability in the Email Template feature. The affected versions are before version 4.13.9, and from version 4.14.0
cvelistv5nvd
CVE-2020-14180MEDIUMCVSS 4.3≥ unspecified, < 4.12.02020-09-21
CVE-2020-14180 [MEDIUM] CVE-2020-14180: Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authe
Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. The affected versions are before version 4.12.0.
cvelistv5nvd
CVE-2019-15004HIGHCVSS 7.5≥ unspecified, < 3.9.17≥ 3.10.0, < unspecified+9 more2019-11-07
CVE-2019-15004 [HIGH] CWE-22 CVE-2019-15004: The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path
cvelistv5nvd
CVE-2019-15003MEDIUMCVSS 5.3≥ unspecified, < 3.9.17≥ 3.10.0, < unspecified+9 more2019-11-07
CVE-2019-15003 [MEDIUM] CWE-22 CVE-2019-15003: The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.10, from 4.0.0 before 4.2.6, from 4.3.0 before 4.3.5, from 4.4.0 before 4.4.3, and from 4.5.0 before 4.5.1 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via autho
cvelistv5nvd
CVE-2019-14994HIGHCVSS 7.5≥ unspecified, < 3.9.16≥ 3.10.0, < unspecified+8 more2019-09-19
CVE-2019-14994 [HIGH] CWE-22 CVE-2019-14994: The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and version 4.4.0 allows remote attackers with portal access to vi
cvelistv5nvd