KEVIntel
CVSS 9.8 Critical

CVE-2022-0540

PUBLISHED

PoC available · Remote · Low complexity · No user interaction
Vendor
Atlassian
Product
Jira Core Server, Jira Software Server, Jira Software Data Center, Jira Service Management Server, Jira Service Management Data Center
Published
Apr 20, 2022
EPSS

Description

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.

nuclei_scanner

CVSS scores

CVSS v3.1 9.8 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 6.8

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitation status

Proof of concept available

Recorded 2022-05-25 10:47:04 UTC

SSVC decision points

Exploitation
none
Automatable
Yes
Technical impact
total

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source: The Shadowserver (via CIRCL)
Added: Jun 17, 2025

Scanner integrations

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

Pear1y/CVE-2022-0540-RCE

github · Created 2022-05-25 10:47:04 UTC · 72 stars

Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Proof of Concept Exploit Available

  • Detected by Nuclei

  • Added to KEVIntel