CVE-2022-0540
Summary
| CVE | CVE-2022-0540 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-20 19:15:00 UTC |
| Updated | 2023-08-08 14:22:00 UTC |
| Description | A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Atlassian | Jira Core | All | All | All | All |
| Application | Atlassian | Jira Data Center | All | All | All | All |
| Application | Atlassian | Jira Server | All | All | All | All |
| Application | Atlassian | Jira Service Management | All | All | All | All |
| Application | Atlassian | Jira Service Management | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [JSDSERVER-11224] Authentication Bypass in Jira Seraph - CVE-2022-0540 - Create and track feature requests for Atlassian products. | MISC | jira.atlassian.com | |
| Jira Security Advisory 2022-04-20 | Atlassian Support | Atlassian Documentation | MISC | confluence.atlassian.com | |
| [JRASERVER-73650] Authentication Bypass in Jira Seraph - CVE-2022-0540 - Create and track feature requests for Atlassian products. | MISC | jira.atlassian.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.