Atlassian – CVE-2022-0540, CVE-2016-10750, CVE-2022-26133
Atlassian has released security fixes for multiple vulnerabilities in Atlassian Jira Software, Confluence Data Center, and Bitbucket Data Center.
1, Atlassian Jira Software
Atlassian has released updates for Jira and Jira Service Management that address a critical authentication bypass vulnerability in its web authentication framework, Jira Seraph. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted HTTP request to bypass authentication and authorisation requirements in WebWork actions using an affected configuration and take control of the system.
The following Atlassian Software is affected
- Jira
- Jira Core Server
- Jira Software Server
- Jira Software Data Center
- Jira Service Management
- Jira Service Management Server
- Jira Service Management Data Center
- Insight – Asset Management
- Mobile Plugin for Jira
Atlassian cloud instances are not vulnerable and no customer action is required.
Installing a fixed version listed below is the surest way to remediate CVE-2022-0540. Once a fixed version has been installed, all apps in your Jira or JSM instance are protected against CVE-2022-0540 and no further action is required.
Fixed Jira versions for Jira Core Server, Jira Software Server and Jira Software Data Center
- 8.13.x >= 8.13.18
- 8.20.x >= 8.20.6
- All versions >= 8.22.0
Fixed Jira Service Management versions for Jira Service Management Server and Jira Service Management Data Center
- 4.13.x >= 4.13.18
- 4.20.x >= 4.20.6
- All versions >= 4.22.0
Full information about remediation work can be found here
Jira Security Advisory 2022-04-20 | Atlassian Support | Atlassian Documentation
Further information can also be found here
FAQ for CVE-2022-0540 | Atlassian Support | Atlassian Documentation
2, Confluence Data Center, and Bitbucket Data Center
Multiple Atlassian products use the third-party software Hazelcast, which is vulnerable to Java deserialization attacks. Hazelcast is used by these products when they’re configured to run as a cluster. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted request, resulting in arbitrary code execution.
The following Atlassian Software is affected
- Confluence Data Center
- Bitbucket Data Center
Bitbucket Server is not affected. Bitbucket Cloud is not affected.
Affected Bitbucket Data Center Versions
- All versions before 7
- All 7.x versions before the fixed versions listed below
Fixed Bitbucket Data Center Versions
- 7.6.14
- 7.17.6
- 7.18.4
- 7.19.4
- 7.20.1
- 7.21.0
Affected Confluence Data Center Versions
All versions 5.6 and above. Check for the following string in the confluence.cfg.xml file in the Confluence home directory:
<property name="confluence.cluster">true</property>
If this line is present then the software is vulnerable.
Workaround for Confluence Data Center
There is no fix at present; however, the risk is greatly reduced by using a firewall or similar control to prevent any device other than the cluster nodes from communicating on 5701/TCP and 5801/TCP. Details are in the link below.
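As an added example (not Atlassian's code or part of the original advisory), the following script turns the fixed-version tables above and the confluence.cfg.xml check into two functions an administrator can run against an inventory: is_fixed() compares an installed Jira, Jira Service Management or Bitbucket Data Center version with the advisory's fixed versions, and confluence_clustered() reports whether a Confluence configuration file enables cluster mode. The version tables are copied from the advisory; the sample configuration file is constructed.

```python
"""Check Atlassian versions and Confluence cluster mode against this advisory."""
import re
import xml.etree.ElementTree as ET

# Fixed versions from the advisory as (branch, first fixed version) pairs.
# A branch of None means "all versions >= first fixed version" and is last.
FIXED = {
    "jira": [("8.13", "8.13.18"), ("8.20", "8.20.6"), (None, "8.22.0")],
    "jsm": [("4.13", "4.13.18"), ("4.20", "4.20.6"), (None, "4.22.0")],
    "bitbucket_dc": [("7.6", "7.6.14"), ("7.17", "7.17.6"), ("7.18", "7.18.4"),
                     ("7.19", "7.19.4"), ("7.20", "7.20.1"), (None, "7.21.0")],
}


def _numeric(version):
    """Turn '8.13.18' (or '8.13.18-xyz') into a comparable tuple of ints."""
    match = re.match(r"(\d+(?:\.\d+)*)", version.strip())
    if not match:
        raise ValueError("unrecognised version string: %r" % version)
    return tuple(int(part) for part in match.group(1).split("."))


def is_fixed(product, version):
    """True if `version` is at or above the fixed version for its branch.

    Versions on a branch with no listed fix (e.g. Jira 8.21.x, Bitbucket 7.16.x)
    are only considered fixed when they reach the "all versions >=" threshold.
    """
    installed = _numeric(version)
    for branch, first_fixed in FIXED[product]:
        if branch is None or version.startswith(branch + "."):
            return installed >= _numeric(first_fixed)
    return False


def confluence_clustered(cfg_xml_text):
    """True if confluence.cfg.xml sets confluence.cluster to true (Hazelcast in use)."""
    root = ET.fromstring(cfg_xml_text)
    for prop in root.iter("property"):
        if prop.get("name") == "confluence.cluster":
            return (prop.text or "").strip().lower() == "true"
    return False


# Constructed sample configuration, not taken from a real installation.
SAMPLE_CFG = """<confluence-configuration>
  <properties>
    <property name="confluence.cluster">true</property>
    <property name="confluence.cluster.name">example-cluster</property>
  </properties>
</confluence-configuration>"""

if __name__ == "__main__":
    print("Jira 8.13.17 fixed:", is_fixed("jira", "8.13.17"))
    print("Confluence clustered:", confluence_clustered(SAMPLE_CFG))
```

For a real Confluence node, read the file from the Confluence home directory and pass its contents to confluence_clustered(); a True result means the Hazelcast ports should be restricted to cluster nodes as described above.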
Full information about remediation work can be found here
If you have any concerns regarding this matter, please contact Daisy via our Service Desk team on 0330 024 3333 or our Customer Portal.