Every CVE whose affected-product data names Atlassian Data Center, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (38)
CVE-2017-18113 — CVSS 8.8 (high): The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a…
CVE-2021-39123 — CVSS 7.5 (high): Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application's availability…
CVE-2021-39113 — CVSS 7.5 (high): Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after…
CVE-2021-41312 — CVSS 7.5 (high): Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service…
CVE-2021-26070 — CVSS 7.2 (high): Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked…
CVE-2021-43947 — CVSS 7.2 (high): Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code…
CVE-2021-41304 — CVSS 6.1 (medium): Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a…
CVE-2021-39111 — CVSS 6.1 (medium): The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 before 8.13.10, and from version 8.14.0 before…
CVE-2020-36288 — CVSS 6.1 (medium): The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and…
CVE-2021-26078 — CVSS 6.1 (medium): The number range searcher component in Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before version 8.13.6…
CVE-2021-26079 — CVSS 6.1 (medium): The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version…
CVE-2021-26083 — CVSS 5.4 (medium): Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version…
CVE-2021-26082 — CVSS 5.4 (medium): The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version…
CVE-2021-26081 — CVSS 5.3 (medium): REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0…
CVE-2019-20101 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view whitelist rules via a Broken Access…
CVE-2020-14181 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure…
CVE-2020-29453 — CVSS 5.3 (medium): The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from…
CVE-2020-36237 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an…
CVE-2020-36238 — CVSS 5.3 (medium): The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from…
CVE-2020-36286 — CVSS 5.3 (medium): The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from…
CVE-2020-36287 — CVSS 5.3 (medium): The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5…
CVE-2020-36289 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure…
CVE-2021-26069 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate…
CVE-2021-39118 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow remote attackers to discover the usernames and full names of users via an…
CVE-2021-39119 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue…
CVE-2021-39122 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information…
CVE-2021-39125 — CVSS 5.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to discover the usernames of users via an…
CVE-2021-43945 — CVSS 4.8 (medium): Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject…
CVE-2021-39112 — CVSS 4.8 (medium): Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse…
CVE-2021-39117 — CVSS 4.8 (medium): The AssociateFieldToScreens page in Atlassian Jira Server and Data Center before version 8.18.0 allows remote attackers to inject arbitrary…
CVE-2020-36234 — CVSS 4.8 (medium): Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site…
CVE-2020-29451 — CVSS 4.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure…
CVE-2021-43953 — CVSS 4.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU…
CVE-2021-26075 — CVSS 4.3 (medium): The Jira importers plugin AttachTemporaryFile rest resource in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before…
CVE-2021-39124 — CVSS 4.3 (medium): The Cross-Site Request Forgery (CSRF) failure retry feature of Atlassian Jira Server and Data Center before version 8.16.0 allows remote…
CVE-2021-39121 — CVSS 4.3 (medium): Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira…
CVE-2021-26076 — CVSS 3.7 (low): The jira.editor.user.mode cookie set by the Jira Editor Plugin in Jira Server and Data Center before version 8.5.12, from version 8.6.0…
CVE-2021-26071 — CVSS 3.5 (low): The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and…