Atlassian patches serious Jira authentication flaw

Audio player loading…

Atlassian has revealed it has fixed a major flaw in their Service Management Server and Data Center products.The vulnerability, tracked as CVE-2023-22501, allows threat actors to impersonate (opens in new tab) people and gain access to a Jira Service Management instance under certain circumstances. It has been given a severity score of 9.4, making it a critical flaw. “With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an

Read more