Experience the power of our SaaS-based platform today by signing up for a Free Trial

An Authentication Vulnerability Discovered in Jira Service Management Server and Data Center

Threat Advisories

An Authentication Vulnerability Discovered in Jira Service Management Server and Data Center

Threat Level
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A security vulnerability was found in Jira Service Management Server and Data Center (versions 5.3.0 to 5.5.0) which allows an attacker to access a Jira Service Management instance by impersonating another user. The vulnerability is present when the attacker has to write access to a User Directory and outgoing email is enabled. Bot accounts and external customer accounts are particularly vulnerable.

Sign up to receive our Weekly Threat Digest