CVE-2021-26070

Name of the Vulnerable Software and Affected Versions Atlassian Jira Server and Data Center versions prior to 8.13.3 Atlassian Jira Server and Data Center versions 8.14.0 through 8.14.0

Description The issue allows remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the makeRequest gadget resource.

Recommendations For versions prior to 8.13.3, update to version 8.13.3 or later. For version 8.14.0, update to version 8.14.1 or later. As a temporary workaround, consider disabling the makeRequest gadget resource until a patch is available.