High severity7.5NVD Advisory· Published Aug 30, 2021· Updated Jun 17, 2026
CVE-2021-39113
CVE-2021-39113
Description
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature. The affected versions are before version 8.13.9, and from version 8.14.0 before 8.18.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<8.13.9, 8.14.0-<8.18.0+ 1 more
- (no CPE)range: <8.13.9, 8.14.0-<8.18.0
- (no CPE)range: unspecified
<8.13.9, 8.14.0-<8.18.0+ 1 more
- (no CPE)range: <8.13.9, 8.14.0-<8.18.0
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- jira.atlassian.com/browse/JRASERVER-72573nvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.