Atlassian has released multiple patches to fix critical security vulnerabilities in Jira Service Management Server and Data Center.
The vulnerability, tracked as CVE-2023-22501, has a CVSS score of 9.4 and is reported to be exploitable by an attacker to impersonate another user and gain unauthorized access to the affected instance.
“If you have write access to your user directory and outbound email is enabled on your Jira Service Management instance, an attacker could access sign-up tokens sent to users with accounts that have never logged in,” reads the description of the flaw on the Jira website.
According to Atlassian, access to these tokens can be obtained either by being included in Jira issues or requests with these users, or by being forwarded (or otherwise gaining access to) an email containing a “View Request” link.
“Bot accounts are particularly susceptible to this scenario,” the company explains. “In instances of single sign-on, external customer accounts can be impacted in projects where anyone can create their own account.”
Jira versions affected by the vulnerability are 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1 and 5.5.0. Atlassian confirms that patches have been released for versions 5.3.3, 5.4.2, 5.5.1 and 5.6.0. The company encourages customers to update to the latest patched version to protect their Jira instances from threat actors.
In a related FAQ page for this flaw, Atlassian also clarified that Atlassian Cloud instances (Jira sites hosted in the cloud via the atlassian.net domain) are not vulnerable.
The patches come months after multiple US security agencies included another Atlassian vulnerability (CVE-2022-26134) in the list of 20 common flaws exploited by Chinese government-backed attackers since 2020.