CVE-2022-0540

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
References
Link Resource
https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20 Issue Tracking Patch Vendor Advisory
https://jira.atlassian.com/browse/JRASERVER-73650 Issue Tracking Patch Vendor Advisory
https://jira.atlassian.com/browse/JSDSERVER-11224 Issue Tracking Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*
cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*

History

24 Oct 2024, 17:35

Type Values Removed Values Added
CWE CWE-287

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-287 NVD-CWE-noinfo

Information

Published : 2022-04-20 19:15

Updated : 2024-10-24 17:35


NVD link : CVE-2022-0540

Mitre link : CVE-2022-0540

CVE.ORG link : CVE-2022-0540


JSON object : View

Products Affected

atlassian

  • jira_data_center
  • jira_server
  • jira_service_management
CWE
NVD-CWE-noinfo CWE-287

Improper Authentication