Atlassian Patches Critical Jira Authentication Vulnerability
Atlassian has disclosed that it has fixed a critical vulnerability in its Jira Service Management Server and Data Center products.
The vulnerability, tracked as CVE-2023-22501, allows threat actors to impersonate other users and gain access to a Jira Service Management instance under certain circumstances. It has been given a severity score of 9.4, making it a critical vulnerability.
“With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into,” Atlassian noted in the vulnerability’s description.
The company explains that the threat actor can obtain the token either by being included on Jira issues or requests together with these users, or by otherwise receiving an email containing a “View Request” link.
Atlassian further explains: “Bot accounts are particularly vulnerable to this scenario. In single sign-on cases, external customer accounts can be affected in projects where anyone can create their own account.”
The vulnerable Jira Service Management versions are 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1 and 5.5.0. Administrators should upgrade to 5.3.3, 5.4.2, 5.5.1 or 5.6.0.
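Checking an estate of Jira Service Management instances against the version list above is the first thing a defender would do. The following helper is an added example written for this page, not an Atlassian tool; it encodes only the affected and fixed versions stated here, compares versions numerically rather than as strings, and picks the fix release in the same feature branch so the upgrade stays a bugfix step. The inventory in `audit` is a constructed sample.

```python
"""Map installed Jira Service Management versions to the CVE-2023-22501 fix
releases listed in the advisory summary above (constructed example)."""

from typing import Dict, Optional, Tuple

Version = Tuple[int, ...]

# Versions the article lists as affected and as containing the fix.
AFFECTED = {"5.3.0", "5.3.1", "5.3.2", "5.4.0", "5.4.1", "5.5.0"}
FIXED = ["5.3.3", "5.4.2", "5.5.1", "5.6.0"]


def parse_version(text: str) -> Version:
    """Turn '5.4.1' into (5, 4, 1) so '5.10.0' sorts after '5.9.0'."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def recommended_upgrade(installed: str) -> Optional[str]:
    """Return the fix release to move to, or None if the version is not listed.

    Prefers the fix in the same feature branch (5.4.1 -> 5.4.2); otherwise
    returns the newest fixed release named in the advisory.
    """
    if installed.strip() not in AFFECTED:
        return None
    branch = parse_version(installed)[:2]
    same_branch = [f for f in FIXED if parse_version(f)[:2] == branch]
    return same_branch[0] if same_branch else FIXED[-1]


def audit(inventory: Dict[str, str]) -> Dict[str, str]:
    """Return {instance: fix_version} for every instance still on an affected build."""
    findings = {}
    for name, version in inventory.items():
        target = recommended_upgrade(version)
        if target is not None:
            findings[name] = target
    return findings


if __name__ == "__main__":
    # Constructed sample inventory: hostnames and versions are illustrative.
    sample = {"jsm-prod": "5.4.1", "jsm-staging": "5.5.0", "jsm-dev": "5.6.0"}
    for host, fix in audit(sample).items():
        print(f"{host}: affected, upgrade to {fix}")
```

Feed `audit` the version strings reported by each instance's System Info page; anything it returns is still on a build named as vulnerable in the advisory.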
Atlassian products appear to be common targets for cybercriminals. In October last year, the US Cybersecurity and Infrastructure Security Agency (CISA) noted that a high-severity vulnerability in two widely used Atlassian Bitbucket products, Server and Data Center, was being actively exploited in the wild.
Earlier, in July, it was reported that Jira, Confluence and Bamboo were vulnerable to CVE-2022-26136, an arbitrary Servlet Filter bypass that allows threat actors to bypass the Servlet Filters that third-party apps use for authentication. The vulnerability is considered critical.
Via: Infosecurity Magazine