๐Ÿ” CVE Alert

CVE-2022-36803

HIGH 8.8
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th

The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. This vulnerability was reported by Jacob Shafer from Bishop Fox.

Vendor atlassian
Product jira align
Ecosystems
Industries
TechnologyEnterprise
Published Oct 14, 2022
Last Updated Oct 2, 2024
Stay Ahead of the Next One

Get instant alerts for atlassian jira align

Be the first to know when new high vulnerabilities affecting atlassian jira align are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Atlassian / Jira Align
unspecified < 10.109.2

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
jira.atlassian.com: https://jira.atlassian.com/browse/JIRAALIGN-4281