Lucene search
AtlassianCVELIST:CVE-2019-8443HistoryMay 22, 2019 - 5:37 p.m.
CVE-2019-8443
2019-05-2217:37:11
atlassian
www.cve.org
7
The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator’s session to access the ViewUpgrades administrative resource without needing to re-authenticate to pass “WebSudo” through an improper access control vulnerability.
CNA Affected
[
{
"product": "Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.13.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
},
{
"lessThan": "8.0.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
},
{
"lessThan": "8.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2019-8443
2019-05-22 18:29:02
cve
cve
CVE-2019-8443
2019-05-22 18:29:02
atlassian
atlassian
Authorisation bypass in the ViewUpgrades resource - CVE-2019-8443
2019-04-29 03:47:05
Authorisation bypass in the ViewUpgrades resource - CVE-2019-8443
2019-04-29 03:47:05
prion
prion
Improper access control
2019-05-22 18:29:00
nessus
nessus
Atlassian Jira 7.13.x < 7.13.4, 8.0.x < 8.0.4, 8.1.x < 8.1.1 Multiple Vulnerabilities
2019-05-31 00:00:00
Atlassian Jira 8.0.0 < 8.0.4 Multiple Vulnerabilities
2023-03-14 00:00:00
Atlassian Jira 8.1.0 < 8.1.1 Multiple Vulnerabilities
2023-03-14 00:00:00