Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that could be abused by an attacker to pass off as another user and gain unauthorized access to susceptible instances.
The vulnerability is tracked as CVE-2023-22501 (CVSS score: 9.4) and has been described as a case of broken authentication with low attack complexity.
“An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances,” Atlassian said.
“With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into.”
The tokens, Atlassian noted, could be obtained in either of two scenarios:
- If the attacker is included on Jira issues or requests with these users, or
- If the attacker is forwarded or otherwise gains access to emails containing a “View Request” link from these users
It also cautioned that while users who are synced to the Jira service via read-only User Directories or single sign-on (SSO) are not affected, external customers who interact with the instance via email are affected, even when SSO is configured.
The Australian software services provider said the vulnerability was introduced in version 5.3.0 and affects all subsequent versions 5.3.1, 5.3.2, 5.4.0, 5.4.1, and 5.5.0. Fixes have been made available in versions 5.3.3, 5.4.2, 5.5.1, and 5.6.0 or later.
Atlassian emphasized that Jira sites hosted on the cloud via an atlassian[.]net domain are not affected by the flaw and that no action is required in this case.
The disclosure arrives more than two months after the company closed two critical security holes in its Bitbucket Server, Data Center, and Crowd products (CVE-2022-43781 and CVE-2022-43782) that could be exploited to gain code execution and invoke privileged API endpoints.
With flaws in Atlassian products becoming an alluring attack vector in recent months, it is essential that users upgrade their installations to the latest versions to mitigate potential threats.