A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
History

Thu, 24 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: atlassian

Published: 2022-04-20T18:30:17.641544Z

Updated: 2024-10-24T16:54:19.795Z

Reserved: 2022-02-08T00:00:00

Link: CVE-2022-0540

cve-icon Vulnrichment

Updated: 2024-08-02T23:32:46.238Z

cve-icon NVD

Status : Modified

Published: 2022-04-20T19:15:07.680

Modified: 2024-10-24T17:35:01.930

Link: CVE-2022-0540

cve-icon Redhat

No data.