CVE-2022-0540

CRITICAL EXPLOITED NUCLEI

Atlassian Jira <8.13.18, <8.14.0-8.20.5, <8.21.0-8.22.0 - Auth Bypass

Title source: llm

Description

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.

Exploits (3)

nomisec WRITEUP 72 stars
by Pear1y · poc
https://github.com/Pear1y/CVE-2022-0540-RCE

vulncheck_xdb WRITEUP
remote-auth
https://github.com/Pear1y/CVE-2022-0540-Preauth-RCE

inthewild WRITEUP
poc
https://github.com/pear1y/cve-2022-0540-preauth-rce

Nuclei Templates (1)

Atlassian Jira Seraph - Authentication Bypass
CRITICAL by DhiyaneshDK
Shodan: http.component:"Atlassian Jira" || http.component:"atlassian jira"

Scores

CVSS v3 9.8
EPSS 0.9238
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-03-30
CWE CWE-287
Status published
Products (4)
atlassian/jira_data_center < 8.13.8
atlassian/jira_server < 8.13.8
atlassian/jira_service_management < 4.13.18
atlassian/jira_service_management < 4.13.8
Published Apr 20, 2022
Tracked Since Feb 18, 2026