Atlassian has issued a security advisory warning that a remote, unauthenticated attacker could exploit a critical vulnerability in its Jira software to bypass authentication protections.
On the CVSS scale, the flaw is rated 9.9 out of 10 and is found in Jira Seraph's authentication framework. The flaw was discovered and reported by Khoadha of Viettel Cyber Security.
"If an unauthenticated attacker sends a specially crafted HTTP request to an affected WebWork action, they could bypass authentication and authorization requirements," Atlassian said.
The following Jira products are affected:
- Jira Core Server, Jira Software Server, and Jira Software Data Center: All versions before 8.13.18, 8.14.x, 8.15.x, 8.16.x, 8.17.x, 8.18.x, 8.19.x, 8.20.x before 8.20.6, and 8.21.x
- Jira Service Management Server and Jira Service Management Data Center: All versions before 4.13.18, 4.14.x, 4.15.x, 4.16.x, 4.17.x, 4.18.x, 4.19.x, 4.20.x before 4.20.6, and 4.21.x
The flaw is fixed in versions 8.13.18, 8.20.6, and 8.22.0 of Jira Core Server, Jira Software Server and Jira Software Data Center, and in versions 4.13.18, 4.20.6, and 4.22.0 of Jira Service Management Server and Data Center.
First- and third-party apps are affected by the flaw only if they are installed in one of the affected Jira or Jira Service Management versions and use a vulnerable configuration.
Updating to one of the patched versions is strongly recommended to prevent exploitation attempts. If a patch cannot be applied right away, the company recommends updating or disabling the affected apps.
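To make the affected version lists above easier to act on, here is an added example (not code from Atlassian or the article) that encodes those ranges as intervals and flags the instances in an inventory that still need the patch, together with the release they should move to. The product keys "jira"/"jsm" and the sample inventory are constructed for the example.

```python
from typing import Dict, List, Optional, Tuple

def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '8.20.5' into (8, 20, 5) so versions compare numerically."""
    return tuple(int(part) for part in v.strip().split("."))

# Affected ranges from the advisory as half-open [low, high) intervals;
# low=None means "every version before high", and each high is the first
# fixed release for that range. Product keys "jira"/"jsm" are constructed.
AFFECTED: Dict[str, List[Tuple[Optional[Tuple[int, ...]], Tuple[int, ...]]]] = {
    # Jira Core Server, Jira Software Server and Data Center
    "jira": [
        (None, (8, 13, 18)),        # all versions before 8.13.18
        ((8, 14, 0), (8, 20, 6)),   # 8.14.x .. 8.19.x, 8.20.x before 8.20.6
        ((8, 21, 0), (8, 22, 0)),   # 8.21.x, fixed in 8.22.0
    ],
    # Jira Service Management Server and Data Center
    "jsm": [
        (None, (4, 13, 18)),        # all versions before 4.13.18
        ((4, 14, 0), (4, 20, 6)),   # 4.14.x .. 4.19.x, 4.20.x before 4.20.6
        ((4, 21, 0), (4, 22, 0)),   # 4.21.x, fixed in 4.22.0
    ],
}

def first_fix(product: str, version: str) -> Optional[str]:
    """Return the nearest fixed release if `version` is affected, else None."""
    v = parse_version(version)
    for low, high in AFFECTED[product]:
        if (low is None or v >= low) and v < high:
            return ".".join(str(n) for n in high)
    return None

def is_affected(product: str, version: str) -> bool:
    return first_fix(product, version) is not None

def triage(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str]]:
    """Keep (host, product, version) rows that still need patching, with the target release."""
    return [(host, product, ver, first_fix(product, ver))
            for host, product, ver in inventory if is_affected(product, ver)]

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [
        ("jira-prod-1", "jira", "8.20.5"),   # affected, needs 8.20.6
        ("jira-prod-2", "jira", "8.20.6"),   # already fixed
        ("jsm-1", "jsm", "4.17.2"),          # affected, needs 4.20.6
    ]
    for row in triage(sample):
        print("PATCH NEEDED: %s (%s %s) -> upgrade to %s" % row)
```

Apps installed on an affected instance still need the separate check described in the advisory; this script only covers the core product version.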
A critical remote code execution flaw in Atlassian Confluence (CVE-2021-26084, CVSS score: 9.8) was actively weaponized last year to install cryptocurrency miners on compromised servers.