Jira Server/DC impacted by CVE-2022-22970 & CVE-2022-22971 via vulnerable version of Spring framework

🗓️ 03 Feb 2023 05:39:50Reported by security-metrics-botType

Atlassian Jira Server/DC impacted by CVE-2022-22970 & CVE-2022-22971 due to old Spring framewor

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 69
OpenVAS	VMware Spring Framework < 5.2.22, 5.3.x < 5.3.20 Multiple DoS Vulnerabilities - Windows	11 May 202200:00	–	openvas
OpenVAS	VMware Spring Framework < 5.2.22, 5.3.x < 5.3.20 Multiple DoS Vulnerabilities - Linux	11 May 202200:00	–	openvas
Atlassian	Synchrony Proxy: spring-beans 5.3.19 is vulnerable to CVE-2022-22970	14 Sep 202206:31	–	atlassian
Tenable Nessus	Atlassian Jira < 9.6.0 (JRASERVER-74776) (deprecated)	13 Mar 202300:00	–	nessus
Tenable Nessus	Oracle MySQL Enterprise Monitor (Jan 2023 CPU)	20 Jan 202300:00	–	nessus
Tenable Nessus	Oracle WebLogic Server 14.1.1 < 14.1.1.0.221010 (Oct 2022 CPU)	20 Oct 202200:00	–	nessus
Tenable Nessus	Oracle WebLogic Server (Oct 2022 CPU)	20 Oct 202200:00	–	nessus
Tenable Nessus	Zimbra Collaboration Server 9.0.0 < 9.0.0 Patch 33 Multiple Vulnerabilities	20 Jul 202300:00	–	nessus
Tenable Nessus	Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 40 Multiple Vulnerabilities	20 Jul 202300:00	–	nessus
Tenable Nessus	Oracle Siebel Server (October 2022 CPU)	11 Dec 202400:00	–	nessus

Vulners

Node

atlassian jira_data_centerRange≤9.4.0

atlassian jira_data_centerRange≤8.20.15

atlassian jira_data_centerRange<9.6.0

atlassian jira_data_centerRange<8.20.22

atlassian jira_data_centerRange<9.4.6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 Feb 2023 05:50Current

6.2Medium risk

Vulners AI Score6.2

CVSS24

CVSS36.5

EPSS0.00618