Vulnerability Details CVE-2025-22176
Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view audit log items.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.9%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2025-22176
-
cpe:2.3:a:atlassian:jira_align:11.14.0
-
cpe:2.3:a:atlassian:jira_align:11.14.0.0719
-
cpe:2.3:a:atlassian:jira_align:11.14.0.0724
-
cpe:2.3:a:atlassian:jira_align:11.14.1
-
cpe:2.3:a:atlassian:jira_align:11.14.1.0806
-
cpe:2.3:a:atlassian:jira_align:11.14.1.0808
-
cpe:2.3:a:atlassian:jira_align:11.15.0
-
cpe:2.3:a:atlassian:jira_align:11.15.0.0820
-
cpe:2.3:a:atlassian:jira_align:11.15.0.0821
-
cpe:2.3:a:atlassian:jira_align:11.15.0.0822
-
cpe:2.3:a:atlassian:jira_align:11.15.1
-
cpe:2.3:a:atlassian:jira_align:11.16.0
-
cpe:2.3:a:atlassian:jira_align:11.16.0.0924
-
cpe:2.3:a:atlassian:jira_align:11.16.0.0925