vulnerability
Atlassian JIRA: Authentication bypass in Seraph (CVE-2022-0540)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Apr 20, 2022 | Apr 25, 2022 | May 2, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Apr 20, 2022
Added
Apr 25, 2022
Modified
May 2, 2022
Description
A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
Solution(s)
atlassian-jira-upgrade-8_13_18atlassian-jira-upgrade-8_20_6atlassian-jira-upgrade-8_22_0

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.