Atlassian has released patches to resolve a critical vulnerability in the Jira Service Management Server and Data Center system that could be exploited by an attacker to impersonate another user.

The vulnerability has been named CVE-2023-22501. In this situation, A malicious actor can impersonate a user and obtain the login tokens of those users who are not yet logged in.

Such tokens, according to Atlassian, can be obtained in two scenarios: the attacker is included in one of the requests handled in Jira or the attacker gains access to the emails. This vulnerability would affect the versions 5.3 and 5.5.

For its part, The manufacturer has already published patches in the applications to fix this vulnerability, What, Of course, It is recommended to apply.

Fountain: The Hacker News


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »