Cross-Site Request Forgery Vulnerability in Atlassian Jira Server and Data Center
CVE-2021-43941

6.5MEDIUM

Key Information:

Vendor: Atlassian
Status: Jira Server; Jira Data Center
Vendor: CVE Published:; 15 February 2022

What is CVE-2021-43941?

A serious security flaw exists in Atlassian Jira Server and Data Center, specifically within the jira-importers-plugin, which permits remote attackers to manipulate multiple resources, such as CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa. This vulnerability impacts versions released prior to 8.13.15 and those from 8.14.0 up to but not including 8.20.3, highlighting a need for users to upgrade promptly to safeguard their systems from potential unauthorized actions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Jira Data Center < 8.13.15

Jira Data Center 8.14.0

Jira Data Center < 8.20.3

References

https://jira.atlassian.com/browse/JRASERVER-73073

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2022
Vulnerability Reserved
Nov 16, 2021

JSON

Atlassian

What is CVE-2021-43941?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.