Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Dec 3, 2024

High
CISA KEV

CVE-2021-26086

AtlassianJira Server and Data Center

Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint.

Required Action

https://jira.atlassian.com/browse/JRASERVER-72695 ; https://nvd.nist.gov/vuln/detail/CVE-2021-26086

Vulnerability Overview

Severity
High
CISA KEV
Yes
Ransomware
Unknown
Published
Nov 12, 2024
KEV Added
Nov 12, 2024
Due Date
Dec 3, 2024
Related Articles
0

Vendor

Atlassian

Jira Server and Data Center