CVE-2022-0540

CRITICAL EXPLOITED NUCLEI

Atlassian Jira <8.13.18, <8.14.0-8.20.5, <8.21.0-8.22.0 - Auth Bypass

Title source: llm

Exploitation Summary

CVE-2022-0540 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including Pear1y. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository provides a detailed writeup and verification steps for CVE-2022-0540, an authentication bypass vulnerability in Atlassian Jira Seraph. It includes a Nuclei template for verification and a Beanshell script for RCE exploitation via the WBS Gantt-Chart plugin.

Description

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.

Exploits (3)

nomisec WRITEUP 72 stars
by Pear1y · poc
https://github.com/Pear1y/CVE-2022-0540-RCE

This repository provides a detailed writeup and verification steps for CVE-2022-0540, an authentication bypass vulnerability in Atlassian Jira Seraph. It includes a Nuclei template for verification and a Beanshell script for RCE exploitation via the WBS Gantt-Chart plugin.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Atlassian Jira Seraph with WBS Gantt-Chart for Jira <= 9.14.3.1
No auth needed
Prerequisites: Access to the target Jira instance · WBS Gantt-Chart plugin installed and vulnerable
devstral-2 · analyzed Feb 16, 2026
vulncheck_xdb WRITEUP
remote-auth
https://github.com/Pear1y/CVE-2022-0540-Preauth-RCE

This repository provides a detailed technical analysis of CVE-2022-0540, an authentication bypass vulnerability in Atlassian Jira Seraph, including exploit steps, preconditions, and a Nuclei template for verification. It does not contain functional exploit code but includes a Beanshell script example for RCE via job scheduler tasks.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Atlassian Jira Server and Data Center, WBS Gantt-Chart for Jira <= 9.14.3.1
No auth needed
Prerequisites: WBS Gantt-Chart for Jira plugin <= 9.14.3.1 · Access to the job scheduler configuration page
devstral-2 · analyzed Feb 25, 2026
inthewild WRITEUP
poc
https://github.com/pear1y/cve-2022-0540-preauth-rce

This repository provides a detailed technical analysis of CVE-2022-0540, an authentication bypass vulnerability in Atlassian Jira Seraph, along with a Nuclei template for detection. It includes step-by-step exploitation details using the WBS Gantt-Chart plugin's job scheduler and a Beanshell script for RCE.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Atlassian Jira Server and Data Center, WBS Gantt-Chart for Jira <= 9.14.3.1
No auth needed
Prerequisites: WBS Gantt-Chart for Jira plugin installed · Access to the job scheduler interface
devstral-2 · analyzed Feb 23, 2026

Nuclei Templates (1)

Atlassian Jira Seraph - Authentication Bypass
CRITICAL · by DhiyaneshDK
Shodan: http.component:"Atlassian Jira" || http.component:"atlassian jira"

References (3)

Core References
Issue Tracking, Patch, Vendor Advisory x_refsource_misc
https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20
Issue Tracking, Patch, Vendor Advisory x_refsource_misc
https://jira.atlassian.com/browse/JRASERVER-73650
Issue Tracking, Patch, Vendor Advisory x_refsource_misc
https://jira.atlassian.com/browse/JSDSERVER-11224

Scores

CVSS v3 9.8
EPSS 0.9257
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

VulnCheck KEV 2024-03-30
CWE
CWE-287
Status published
Products (4)
atlassian/jira_data_center < 8.13.8
atlassian/jira_server < 8.13.8
atlassian/jira_service_management < 4.13.18
atlassian/jira_service_management < 4.13.8
Published Apr 20, 2022
Tracked Since Feb 18, 2026