Loading HuntDB...

Atlassian Jira Server and Data Center Path Traversal Vulnerability

Added Nov. 12, 2024 Due Dec. 3, 2024 CVE-2021-26086
Overdue Atlassian / Jira Server and Data Center CWE-22

Description

Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

Additional Information

Catalog Version
2025.01.24
Catalog Released
Jan. 24, 2025
Days Until Due
0 days
Last Updated
4 months, 1 week ago