
Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)
2023-02-03 09:57

Australian software maker Atlassian has released patches for CVE-2023-22501, a critical authentication vulnerability in Jira Service Management Server and Data Center, and is urging users to upgrade quickly.

"Installing a fixed version of Jira Service Management is the recommended way to remediate this vulnerability. If you are unable to immediately upgrade Jira Service Management, you can manually upgrade the version-specific servicedesk-variable-substitution-plugin JAR file as a temporary workaround," they advised.

Jira Service Management Server and Data Center are enterprise solutions for IT service management, connecting and allowing collaboration between development, IT operations, and business teams.

"With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into. Access to these tokens can be obtained in two cases: if the attacker is included on Jira issues or requests with these users, or if the attacker is forwarded or otherwise gains access to emails containing a 'View Request' link from these users," Atlassian explained.

Jira Service Management Server and Data Center versions 5.3.0 to 5.3.2 and 5.4.0 to 5.5.0 are affected, and customers are advised to install a fixed version: 5.3.3, 5.4.2, 5.5.1, 5.6.0 or later.
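A defender triaging an inventory against the ranges above needs more than a naive numeric range test: 5.4.2 sits numerically inside "5.4.0 to 5.5.0" yet is a fixed release, so the check below compares each version with the fixed build of its own release branch. This is an added example, not Atlassian's tooling; the host names and versions in the inventory are constructed.

```python
# Added example (not Atlassian's own tooling): classify Jira Service Management
# Server/DC versions against the CVE-2023-22501 ranges stated in the advisory.
# 5.4.2 sits numerically inside "5.4.0 to 5.5.0" but is a fixed release, so the
# check compares each version with the fixed build of its own release branch.
from typing import Dict, Optional, Tuple

FIRST_AFFECTED = (5, 3, 0)       # advisory: 5.3.0 to 5.3.2 and 5.4.0 to 5.5.0
FIRST_CLEAN_BRANCH = (5, 6)      # advisory: 5.6.0 or later is fixed
FIXED_BY_BRANCH = {(5, 3): (5, 3, 3), (5, 4): (5, 4, 2), (5, 5): (5, 5, 1)}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn 'major.minor[.patch][-suffix]' into a 3-tuple of ints."""
    core = text.strip().split("-", 1)[0]          # drop e.g. '-SNAPSHOT'
    parts = core.split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return (nums[0], nums[1], nums[2])


def assess(text: str) -> Tuple[str, Optional[str]]:
    """Return (status, recommended_upgrade) where status is
    'affected', 'fixed' or 'not affected'."""
    v = parse_version(text)
    branch = v[:2]
    if v < FIRST_AFFECTED or branch >= FIRST_CLEAN_BRANCH:
        return ("not affected", None)
    fixed = FIXED_BY_BRANCH[branch]               # 5.3, 5.4 and 5.5 are all mapped
    if v >= fixed:
        return ("fixed", None)
    return ("affected", ".".join(map(str, fixed)))


# Constructed inventory lines (host,version) standing in for a real CMDB export.
INVENTORY = "jsm-prod-01,5.4.1\njsm-prod-02,5.4.2\njsm-staging,5.5.0\njsm-legacy,5.2.9"


def assess_inventory(csv_text: str = INVENTORY) -> Dict[str, Tuple[str, Optional[str]]]:
    """Map host -> assess(version) for every 'host,version' line."""
    result = {}
    for line in csv_text.splitlines():
        host, version = line.split(",", 1)
        result[host.strip()] = assess(version)
    return result
```

Versions below 5.3.0 are reported as "not affected" only because the advisory lists nothing below that range; they are still out of support for this fix.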

"If it is determined that your Jira Service Management Server/DC instance has been compromised, our advice is to immediately shut down and disconnect the server from the network/Internet. Also, you may want to immediately shut down any other systems which potentially share a user base or have common username/password combinations with the compromised system. Before doing anything else you will need to work with your local security team to identify the scope of the breach and your recovery options," they concluded.


News URL

https://www.helpnetsecurity.com/2023/02/03/cve-2023-22501/

Related Vulnerability

Date: 2023-02-01
CVE: CVE-2023-22501
Vulnerability title: Improper Authentication vulnerability in Atlassian Jira Service Management
Description: An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances. With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into.
Attack vector: network
Attack complexity: low
Vendor: atlassian
Weakness: CWE-287
Risk: critical (score 9.1)