Atlassian Jira Service Desk — known CVE vulnerabilities
Every CVE whose affected-product data names Atlassian Jira Service Desk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2020-36239 — CVSS 9.8 (critical): Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0…
CVE-2022-26136 — CVSS 9.8 (critical): A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third…
CVE-2022-26137 — CVSS 8.8 (high): A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked…
CVE-2019-15004 — CVSS 7.5 (high): The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before…
CVE-2019-14994 — CVSS 7.5 (high): The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version…
CVE-2021-39115 — CVSS 7.2 (high): Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to…
CVE-2022-26135 — CVSS 6.5 (medium): A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the…
CVE-2021-43959 — CVSS 5.7 (medium): Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to access the content of…
CVE-2019-15003 — CVSS 5.3 (medium): The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before…
CVE-2020-14166 — CVSS 4.8 (medium): The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with…
CVE-2020-14180 — CVSS 4.3 (medium): Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to…
CVE-2015-8481 — CVSS 3.1 (low): Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail…