Unrated severityNVD Advisory· Published Apr 20, 2022· Updated Oct 24, 2024
CVE-2022-0540
CVE-2022-0540
Description
A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
Affected products
5unspecified+ 1 more
- (no CPE)range: unspecified
- (no CPE)range: unspecified
unspecified+ 1 more
- (no CPE)range: unspecified
- (no CPE)range: unspecified
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20mitrex_refsource_MISC
- jira.atlassian.com/browse/JRASERVER-73650mitrex_refsource_MISC
- jira.atlassian.com/browse/JSDSERVER-11224mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.