13 matches found
Atlassian Bamboo < 7.2.10 / 8.0.x < 8.0.9 / 8.1.x < 8.1.4 / 8.2.x < 8.2.4 Multiple Vulnerabilities
The version of Atlassian Bamboo installed on the remote host is prior to 7.2.10, 8.0.x prior to 8.0.9, 8.1.x prior to 8.1.8 or 8.2.4. It is, therefore affected by multiple vulnerabilities: - A remote, unauthenticated attacker can bypass arbitrary Servlet Filters used by first and third party apps...
Atlassian Confluence 7.15.x < 7.15.2 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.4.17, 7.5.x prior to 7.13.7, 7.14.x prior to 7.14.3, 7.15.x prior to 7.15.2, 7.16.x prior to 7.16.4, 7.17.x prior to 7.17.4 or 7.18.0. It is, therefore, affected by the...
Atlassian Confluence 7.17.x < 7.17.4 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.4.17, 7.5.x prior to 7.13.7, 7.14.x prior to 7.14.3, 7.15.x prior to 7.15.2, 7.16.x prior to 7.16.4, 7.17.x prior to 7.17.4 or 7.18.0. It is, therefore, affected by the...
Atlassian Jira 8.21.x < 8.22.4 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 8.13.22, 8.14.x prior to 8.20.10 or 8.21.x prior to 8.22.4. It is, therefore, affected by the following vulnerabilities : - An arbitrary servlet filter bypass vulnerability which c...
Atlassian Jira < 8.13.22 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 8.13.22, 8.14.x prior to 8.20.10 or 8.21.x prior to 8.22.4. It is, therefore, affected by the following vulnerabilities : - An arbitrary servlet filter bypass vulnerability which c...
Atlassian Jira < 8.13.22 / 8.20.x < 8.20.10 / 8.22.x < 8.22.4 / 9.0.0 XSS (JRASERVER-73897)
The version of Atlassian Jira Server running on the remote host is affected by a vulnerability as referenced in the JRASERVER-73897 advisory. - A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. Th...
Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability
Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138, arises when the app in question is enable...
CVE-2022-26136
CVE-2022-26136 is a vulnerability in multiple Atlassian products where remote, unauthenticated attackers can bypass Servlet Filters used by first and third‑party apps, potentially causing authentication bypass and XSS. Affected products and fixed ranges are provided: Atlassian Bamboo (<8.0.9, ...
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in authentication bypass and...
Atlassian Jira < 8.13.22 / 8.14.x < 8.20.10 XSS (JRASERVER-73897)
The version of Atlassian Jira installed on the remote host is prior to 8.13.22 / 8.14.x 8.20.10. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73897 advisory. - Multiple Servlet Filter vulnerabilities have been fixed in Jira Server and Data Center. These...
Crucible: Multiple Servlet Filter Vulnerabilities
Multiple Servlet Filter vulnerabilities have been fixed in Crucible. These vulnerabilities also affect other Atlassian products. For more information, refer to Atlassian's security...
Confluence: Multiple Servlet Filter Vulnerabilities
Multiple Servlet Filter vulnerabilities have been fixed in Confluence Server and Data Center. These vulnerabilities also affect other Atlassian products. For more information, refer to Atlassian's security...
Jira: Multiple Servlet Filter Vulnerabilities
Multiple Servlet Filter vulnerabilities have been fixed in Jira Server and Data Center. These vulnerabilities also affect other Atlassian products. For more information, refer to Atlassian's security...