Atlassian Jira Service Management Server CVE-2023-22501 Authentication Bypass Vulnerability


An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances. With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into.

Affected Applications

Jira Service Management Server and Data Center

Telemetry

CVE References