DEV Community

Cover image for CVE-2023-22501 - Broken Authentication vulnerability in Jira Service Management
Public Cloud Group
Public Cloud Group

Posted on • Originally published at kreuzwerker.de

CVE-2023-22501 - Broken Authentication vulnerability in Jira Service Management

Written by Fabian Duft

Managed Services fixes security vulnerabilities before you even realize they exist

On February 1st at 7pm Berlin time, Atlassian released the information that a new security vulnerability (CVE-2023-22501) with the highest severity ranking (critical) was affecting multiple versions of Jira Service Management (Server & Data Center) starting with version 5.3.

This authentication vulnerability would allow attackers in certain cases to impersonate other users and gain access to signup tokens and access to the instance.

With the announcement of the vulnerability, Atlassian also released new patch versions that prevent the exploitation of this security issue.

Due to the severity of the vulnerability, our team prioritized the rollout of the fixed versions and started working on the issue immediately. Due to the usage of IaaC, VCS and collaboration tools, we could identify the affected customers in a few minutes. At the same time, the new patch versions were built and rolled out to all affected customers.

55 minutes after the release of the security vulnerability by Atlassian, all affected customers were identified, patched and informed.
We fixed the critical security vulnerability before any of our customers even knew that the vulnerability existed.

Exactly this QoS is what our customers appreciate about our Fully Managed Hosting because one part of it is continuously keeping our customer systems protected.

If you were not able to patch your systems in time or apply relevant mitigations, we are here to help you.

Unfortunately it is not possible to find out if your instance has been compromised. With the following query however you can check which users might have been affected due to a password reset:

SELECT CWD_USER.*
FROM CWD_USER_ATTRIBUTES
  JOIN CWD_USER ON CWD_USER.ID = CWD_USER_ATTRIBUTES.USER_ID
WHERE (USER_ID in
  (SELECT USER_ID
  FROM cwd_user_attributes
  WHERE attribute_name='password.reset.after.vulnerable.install'))
Enter fullscreen mode Exit fullscreen mode

If you are interested in the Fully Managed Hosting and want to continuously stay protected, just contact us.

Top comments (0)