Known Vulnerabilities for products from Atlassian

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Atlassian".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2022-43782	Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration...	9.8 - CRITICAL	2022-11-17	2022-11-17
CVE-2022-42978	In the Netic User Export add-on before 1.3.5 for Atlassian Confluence, authorization is mishandled. An unauthenticated attack...	7.5 - HIGH	2022-11-15	2022-11-15
CVE-2022-42977	The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the a...	7.5 - HIGH	2022-11-15	2022-11-15
CVE-2022-39960	The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unau...	5.3 - MEDIUM	2022-09-17	2022-09-17
CVE-2022-38367	The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unaut...	5.3 - MEDIUM	2022-09-05	2022-09-05
CVE-2022-36804	Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before v...	8.8 - HIGH	2022-08-25	2022-09-22
CVE-2022-36803	The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the Peopl...	8.8 - HIGH	2022-10-14	2022-10-14
CVE-2022-36802	The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2 allows remote attackers to exploit this issue to...	4.9 - MEDIUM	2022-10-14	2022-10-14
CVE-2022-0540	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	9.8 - CRITICAL	2022-04-20	2022-06-10
CVE-2021-43959	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	5.7 - MEDIUM	2022-07-26	2022-08-02
CVE-2021-43958	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	9.8 - CRITICAL	2022-03-16	2022-03-22
CVE-2021-43957	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	7.5 - HIGH	2022-03-16	2022-03-22
CVE-2021-43956	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	6.1 - MEDIUM	2022-03-16	2022-03-22
CVE-2021-43955	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-03-16	2022-03-22
CVE-2021-43954	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-03-14	2022-03-18
CVE-2021-43953	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-02-15	2022-04-25
CVE-2021-43952	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-02-15	2022-06-03
CVE-2021-43951	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-01-10	2022-03-04
CVE-2021-43950	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-02-15	2022-07-12
CVE-2021-43949	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-01-10	2022-03-04

Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Atlassian

Type	Vendor	Product	Version
Application	Atlassian	Activity Streams	6.3.0
Application	Atlassian	Application Links	1.1
Application	Atlassian	Bamboo	1.0
Application	Atlassian	Bitbucket	1.0.0
Application	Atlassian	Cloudtoken	0.0.11
Application	Atlassian	Companion	1.0.0
Application	Atlassian	Confluence	1.0
Application	Atlassian	Crowd	-
Application	Atlassian	Crowd2	-
Application	Atlassian	Crucible	1.1
Application	Atlassian	Data Center	6.12.0
Application	Atlassian	Editor-core	-
Application	Atlassian	Fisheye	1.2.5
Application	Atlassian	Floodlight	0.85
Application	Atlassian	Floodlight Controller	0.85
Application	Atlassian	Greenhopper	5.9.8
Application	Atlassian	Hipchat	0.1.2
Application	Atlassian	Hipchat Data Center	3.0.0
Application	Atlassian	Hipchat Server	2.2.0
Application	Atlassian	Html Include And Replace Macro	1.4.0

Results limited to 20 most recent known configurations

Jira Cloud by Atlassian

apps.apple.com/us/app/jira-cloud-by-atlassian/id1006972087 Search in App Store

App Store Jira Cloud by Atlassian Productivity

Atlassian&Australian enterprise software company

Atlassian Corporation Plc is an Australian software company that develops products for software developers and project managers.

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Known Vulnerabilities for products from Atlassian