Detections
Analytics

Atlassian Jira Seraph Authentication Bypass

critical Web App Scanning Plugin ID 113249

Language:

Synopsis

Atlassian Jira Seraph Authentication Bypass

Description

Atlassian Jira versions < 8.13.18, 8.14.x, 8.15.x, 8.16.x, 8.17.x, 8.18.x, 8.19.x, 8.20.x < 8.20.6, 8.21.x and Atlassian Jira Service Management versions < 4.13.18, 4.14.x, 4.15.x, 4.16.x, 4.17.x, 4.18.x, 4.19.x, 4.20.x < 4.20.6 and 4.21.x use a common authentication framework named Atlassian Jira Seraph which suffers from an authentication bypass vulnerability.

By crafting a specific HTTP request, a remote and unauthenticated attacker could exploit this vulnerability to bypass authentication and authorization requirements in WebWork actions using an affected configuration. The impact of the vulnerability depends on the applications used in the Jira or Jira Service Management instance and their usage of the Jira Seraph framework.

Solution

Update the affected Jira instance to versions 8.13.18, 8.20.6 or starting at release 8.22.0 and latest or Jira Service Management instance to versions 4.13.18, 4.20.6 or starting at release 4.22.0 or latest.

See Also

https://confluence.atlassian.com/jira/jira-security-advisory-2022-04-20-1115127899.html

https://jira.atlassian.com/browse/JRASERVER-73650

https://jira.atlassian.com/browse/JSDSERVER-11224

Plugin Details

Severity: Critical

ID: 113249

Type: remote

Published: 6/28/2022

Updated: 6/28/2022

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-0540

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2022-0540

Vulnerability Information

CPE: cpe:2.3:a:atlassian:jira_core:*:*:*:*:*:*:*:*

Reference Information

CVE: CVE-2022-0540