.. / CVE-2022-0540

Exploit for Atlassian Jira Seraph - Authentication Bypass (CVE-2022-0540)

Description:

Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.

Nuclei Template

View the template here CVE-2022-0540.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-0540.yaml

References:

https://jira.atlassian.com/browse/JSDSERVER-11224
https://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/
https://nvd.nist.gov/vuln/detail/CVE-2022-0540
https://jira.atlassian.com/browse/JRASERVER-73650
https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20

.. / CVE-2022-0540 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Atlassian Jira Seraph - Authentication Bypass (CVE-2022-0540)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2022-0540