Note

Jira and Jira Service Management are vulnerable to an authentication bypass in their web authentication framework, Jira Seraph.

Although the vulnerability is at the core of Jira, it affects first-party and third-party apps such as Xporter.

We recommend upgrading Jira as described in the Atlassian Security Advisory so that all apps in your instance are protected against CVE-2022-0540. As an alternative, Xporter released version 6.9.9 to the Atlassian Marketplace, which fixes the vulnerability.

Xporter for Jira Server and Data Center - Authentication Bypass in Jira Seraph - CVE-2022-0540

...

Jira issue: XPORTER-3975 (Xpand IT Issue Tracker)


Fix

We recommend upgrading Jira as described in the Atlassian Security Advisory so that all apps in your instance are protected against CVE-2022-0540. As an alternative, Xporter released version 6.9.9 to the Atlassian Marketplace, which fixes the vulnerability.


What You Need to Do

Upgrade

...