Forums

Articles
Create
cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Jira Service Management - February 2023 - CVE-2023-22501

Atlassian has published a new security advisory today 1st of February 2023. CVE-2023-22501 is a critical security advisory that affects Jira Service Management Server and Data Center.
The following versions are affected by this vulnerability:

  • 5.3.0
  • 5.3.1
  • 5.3.2
  • 5.4.0
  • 5.4.1
  • 5.5.0

Atlassian recommends that you upgrade each of your affected installations to one of the listed fixed versions (or any later version), The Fixed versions of the application are:

  • 5.3.3
  • 5.4.2
  • 5.5.1
  • 5.6.0 or later

Please see the complete advisory in Jira Service Management - Broken Authentication vulnerability in JSM - CVE-2023-22501 and the accompanying FAQ page for full details on the CVE and the steps to fix or mitigate the issue.

Additional information:

3 comments

Plarium Ukraine
February 2, 2023

Someone slightly missed or what is that?

atl.PNGatl2.PNG

Like • Mikael Sandberg likes this
Stephen King
Contributor
February 2, 2023

We run Jira Software v.8.20.11 on-prem. Is this product impacted by this advisory?

It is unclear if Jira Service Management Server and Data Center are components of Jira Software 8.20.11. Thanks!

Like • # people like this
Dan Breyen
Community Champion
March 31, 2023

Newbie question, what is CVE?

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events