Atlassian Jira Multiple Vulnerabilities

Source: CERT-Bund Security Advisories (wid.cert-bund.de)
Published March 17th, 2026
Detected March 18th, 2026

Summary

CERT-Bund has issued a security advisory for Atlassian Jira, detailing multiple vulnerabilities with a CVSS base score of 7.2. The advisory affects Data Center and Server versions prior to specific releases. Users are advised to implement mitigations.

What changed

CERT-Bund has released Security Advisory WID-SEC-2026-0770 concerning multiple vulnerabilities in Atlassian Jira Data Center and Server products. The vulnerabilities, rated with a CVSS base score of 7.2 (high) and a temporal score of 6.3 (medium), allow for remote attacks. Affected versions include Atlassian Jira Data Center and Server versions prior to 11.3.3 and 10.3.18, and Jira Service Management Data Center and Server versions prior to 11.3.3 and 10.3.18.

Exploitation of these vulnerabilities could lead to arbitrary code execution, data manipulation and disclosure, cross-site scripting (XSS) attacks, or denial-of-service (DoS) conditions. Organizations using affected Jira instances should review the advisory and implement the recommended mitigations to protect their systems and data. The advisory indicates that mitigations are available, but specific details on patching or workarounds are not provided in this summary.

What to do next

  1. Review CERT-Bund Security Advisory WID-SEC-2026-0770 for affected Atlassian Jira versions.
  2. Implement recommended mitigations for identified vulnerabilities.
  3. Monitor for vendor patches and apply them promptly.

Source document (simplified)

[WID-SEC-2026-0770] Atlassian Jira: Multiple vulnerabilities

CVSS Base Score: 7.2 (high)
CVSS Temporal Score: 6.3 (medium)
Remote attack: yes
Date: 17.03.2026
Last updated: 18.03.2026
Mitigation: yes

Affected systems

Operating system

  • Other
  • UNIX
  • Windows

Product description

Jira is a web application for software development.

Products

17.03.2026

  • Atlassian Jira Data Center and Server <11.3.3

  • Atlassian Jira Data Center and Server <10.3.18

  • Atlassian Jira Service Management Data Center and Server <11.3.3

  • Atlassian Jira Service Management Data Center and Server <10.3.18

Attack

An attacker can exploit multiple vulnerabilities in Atlassian Jira to execute arbitrary code, manipulate and disclose data, carry out cross-site scripting attacks, or cause a denial-of-service condition.

Source

Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
CERT-Bund
Published
March 17th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive

Who this affects

Applies to
Technology companies
Geographic scope
de

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Topics
Software Vulnerabilities, Data Security
