12 matches found
Atlassian Bamboo < 7.2.10 / 8.0.x < 8.0.9 / 8.1.x < 8.1.4 / 8.2.x < 8.2.4 Multiple Vulnerabilities
The version of Atlassian Bamboo installed on the remote host is prior to 7.2.10, 8.0.x prior to 8.0.9, 8.1.x prior to 8.1.8 or 8.2.4. It is, therefore affected by multiple vulnerabilities: - A remote, unauthenticated attacker can bypass arbitrary Servlet Filters used by first and third party apps...
Atlassian Confluence 7.15.x < 7.15.2 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.4.17, 7.5.x prior to 7.13.7, 7.14.x prior to 7.14.3, 7.15.x prior to 7.15.2, 7.16.x prior to 7.16.4, 7.17.x prior to 7.17.4 or 7.18.0. It is, therefore, affected by the...
Atlassian Jira < 8.13.22 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 8.13.22, 8.14.x prior to 8.20.10 or 8.21.x prior to 8.22.4. It is, therefore, affected by the following vulnerabilities : - An arbitrary servlet filter bypass vulnerability which c...
Atlassian Confluence 7.17.x < 7.17.4 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.4.17, 7.5.x prior to 7.13.7, 7.14.x prior to 7.14.3, 7.15.x prior to 7.15.2, 7.16.x prior to 7.16.4, 7.17.x prior to 7.17.4 or 7.18.0. It is, therefore, affected by the...
Atlassian Jira 8.21.x < 8.22.4 Multiple Servlet Filter Vulnerabilities
According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 8.13.22, 8.14.x prior to 8.20.10 or 8.21.x prior to 8.22.4. It is, therefore, affected by the following vulnerabilities : - An arbitrary servlet filter bypass vulnerability which c...
Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability
Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138, arises when the app in question is enable...
CVE-2022-26137
CVE-2022-26137 concerns multiple Atlassian products (Bamboo, Bitbucket, Confluence, Jira, Jira Service Management, Crowd, Fisheye/Crucible) where an unauthenticated remote attacker can trigger additional Servlet Filters in requests/responses, causing a CORS bypass. The issue allows an attacker to...
CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability:...
Atlassian Jira < 8.13.22 / 8.14.x < 8.20.10 XSS (JRASERVER-73897)
The version of Atlassian Jira installed on the remote host is prior to 8.13.22 / 8.14.x 8.20.10. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73897 advisory. - Multiple Servlet Filter vulnerabilities have been fixed in Jira Server and Data Center. These...
Crucible: Multiple Servlet Filter Vulnerabilities
Multiple Servlet Filter vulnerabilities have been fixed in Crucible. These vulnerabilities also affect other Atlassian products. For more information, refer to Atlassian's security...
Confluence: Multiple Servlet Filter Vulnerabilities
Multiple Servlet Filter vulnerabilities have been fixed in Confluence Server and Data Center. These vulnerabilities also affect other Atlassian products. For more information, refer to Atlassian's security...
Jira: Multiple Servlet Filter Vulnerabilities
Multiple Servlet Filter vulnerabilities have been fixed in Jira Server and Data Center. These vulnerabilities also affect other Atlassian products. For more information, refer to Atlassian's security...