A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
Metrics
Affected Vendors & Products
References
History
Thu, 24 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-287 | |
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2022-04-20T18:30:17.641544Z
Updated: 2024-10-24T16:54:19.795Z
Reserved: 2022-02-08T00:00:00
Link: CVE-2022-0540
Vulnrichment
Updated: 2024-08-02T23:32:46.238Z
NVD
Status : Modified
Published: 2022-04-20T19:15:07.680
Modified: 2024-11-21T06:38:52.377
Link: CVE-2022-0540
Redhat
No data.