Atlassian Jira Service Management Server CVE-2023-22501 Authentication Bypass Vulnerability

description-logoDescription

An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances. With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into.

affected-products-logoAffected Applications

Jira Service Management Server and Data Center

Version Updates

Date Version Detail
2024-11-18 1.774 Jira Service Management Server and Data Center
2023-02-03 1.392 Jira Service Management Server and Data Center

CVE References

CVE-2023-22501