A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAtlassian Jira Data Center
APPAtlassian< 8.13.88.14.0 – 8.20.6 (bez)8.21.0 – 8.22.0 (bez)Atlassian Jira Server
APPAtlassian< 8.13.88.14.0 – 8.20.6 (bez)8.21.0 – 8.22.0 (bez)Atlassian Jira Service Management
APPAtlassian< 4.13.8< 4.13.184.14.0 – 4.20.6 (bez)4.21.0 – 4.22.0 (bez)
Powiązane podatności
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdminis...
An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows ...
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Fil...
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6....
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows ...