{"vulnerability": "CVE-2022-0540", "sightings": [{"uuid": "5cce9793-4ab8-4d5a-a53e-49eb6237f4af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-29)", "content": "", "creation_timestamp": "2024-10-29T00:00:00.000000Z"}, {"uuid": "932cf880-6682-4d9d-95bc-1eeef305fbc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-10)", "content": "", "creation_timestamp": "2024-11-10T00:00:00.000000Z"}, {"uuid": "aca47e18-6fca-43cb-8268-41e74d402409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-23)", "content": "", "creation_timestamp": "2024-11-23T00:00:00.000000Z"}, {"uuid": "d0618484-622a-4c3a-877e-d88981d07494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-19)", "content": "", "creation_timestamp": "2024-11-19T00:00:00.000000Z"}, {"uuid": "15aa7cdc-8e4d-4a14-99b8-08c768788719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "1ffc2c43-5397-46d2-b702-5ad47474693a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-08)", "content": "", "creation_timestamp": "2024-12-08T00:00:00.000000Z"}, {"uuid": "636bdb28-9221-454f-9b5b-1bfbab2239c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "74fa3607-ea38-4040-953b-a519f075c816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "2d097915-282d-4ca1-a4c2-d4b516e4ef1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-23)", "content": "", "creation_timestamp": "2025-03-23T00:00:00.000000Z"}, {"uuid": "72e7ad3f-55d0-4737-aec1-b7e8a4bb9d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "7d039bc6-ba78-4b32-98dd-43e218e8a858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-26)", "content": "", "creation_timestamp": "2025-02-26T00:00:00.000000Z"}, {"uuid": "d50165a9-6c66-487e-9ba5-64c3b6e1cc4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-19)", "content": "", "creation_timestamp": "2025-02-19T00:00:00.000000Z"}, {"uuid": "d15d6a33-554f-4c3a-88bd-6d7d157bd460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-25)", "content": "", "creation_timestamp": "2025-02-25T00:00:00.000000Z"}, {"uuid": "1d598fb0-1402-4d57-8671-21595ac1ccae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "573f4c64-6800-4395-9909-6860eed6eb88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-17)", "content": "", "creation_timestamp": "2025-06-17T00:00:00.000000Z"}, {"uuid": "4826c58e-be44-4921-ac22-c81d0afcf867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "7ae2bd9a-8993-48cd-b5f9-4f8f20a6ff36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-31)", "content": "", "creation_timestamp": "2025-05-31T00:00:00.000000Z"}, {"uuid": "a24eb5c2-3431-402d-a2f1-5c5eb1fe44cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-17)", "content": "", "creation_timestamp": "2025-05-17T00:00:00.000000Z"}, {"uuid": "2290c299-b688-4d84-b4d1-160a945d30d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-17)", "content": "", "creation_timestamp": "2025-06-17T00:00:00.000000Z"}, {"uuid": "c4a819ff-ce17-4962-ba71-afd4b417b00e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-01)", "content": "", "creation_timestamp": "2025-06-01T00:00:00.000000Z"}, {"uuid": "976869c6-b85a-49ab-ac98-264e77b24bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "c3c3e7d1-dad9-4ef6-9214-d9a31420eba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-16)", "content": "", "creation_timestamp": "2025-07-16T00:00:00.000000Z"}, {"uuid": "a21cd337-4ab5-4481-b239-9332221df37e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-23)", "content": "", "creation_timestamp": "2025-07-23T00:00:00.000000Z"}, {"uuid": "b6a4b8dd-2037-466e-8eff-d694affdd9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-24)", "content": "", "creation_timestamp": "2025-07-24T00:00:00.000000Z"}, {"uuid": "76cc19dc-68b2-4f95-a0a4-8590ac948079", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "fea6faa9-33df-4771-abd4-ddb5473867dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "55278971-a22a-4c60-8b2f-3a14bb4b81de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-31)", "content": "", "creation_timestamp": "2025-07-31T00:00:00.000000Z"}, {"uuid": "0bc983ce-d47b-4808-972b-ac9051888c24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-01)", "content": "", "creation_timestamp": "2025-08-01T00:00:00.000000Z"}, {"uuid": "03e5f366-2d0f-4987-913e-32846b21e201", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-25)", "content": "", "creation_timestamp": "2025-07-25T00:00:00.000000Z"}, {"uuid": "5670cdf1-b624-453f-8434-bcfb1e43c00b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-26)", "content": "", "creation_timestamp": "2025-07-26T00:00:00.000000Z"}, {"uuid": "e7ecfe5c-72e9-48a3-8db4-b3af2d2f0510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-22)", "content": "", "creation_timestamp": "2025-11-22T00:00:00.000000Z"}, {"uuid": "cf4dc333-8f1e-409e-aab7-4ce6dbf6ee1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-07)", "content": "", "creation_timestamp": "2025-08-07T00:00:00.000000Z"}, {"uuid": "b05a27a7-244f-432a-9cc4-b989b4526ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-15)", "content": "", "creation_timestamp": "2025-08-15T00:00:00.000000Z"}, {"uuid": "d9c261ae-60c1-4276-b4c7-15bd468f5915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "e29d57b5-2953-469a-8002-5a8647d196ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "54a5ec9f-4016-4b72-a800-eac99cebd72c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "5f91eba9-2bb6-405b-8702-39c98e831dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-03)", "content": "", "creation_timestamp": "2026-01-03T00:00:00.000000Z"}, {"uuid": "260a83cf-20ef-44c9-b67f-bcd204d41fc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "12caf2ac-f8dd-4338-a110-d419f1db8ab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-30)", "content": "", "creation_timestamp": "2025-12-30T00:00:00.000000Z"}, {"uuid": "259f3172-7f4d-45ed-8be5-e43a5011a1ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-12)", "content": "", "creation_timestamp": "2026-04-12T00:00:00.000000Z"}, {"uuid": "e493fc72-db02-4a41-9648-1ebc92f7c501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "021a8e25-a0bb-4167-b54a-793c1ceaa2f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/jira_cve_2022_0540", "content": "", "creation_timestamp": "2022-05-18T12:11:52.000000Z"}, {"uuid": "5e857cc7-ae32-440a-aaaa-16d625891169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/cKure/9410", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Zero-Day: Atlassian fixes critical Jira authentication bypass vulnerability.\n\nThe flaw is tracked as CVE-2022-0540 and comes with a severity rating of 9.9.\n\nhttps://confluence.atlassian.com/jira/jira-security-advisory-2022-04-20-1115127899.html\n\nhttps://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-jira-authentication-bypass-vulnerability/", "creation_timestamp": "2022-04-23T08:48:58.000000Z"}, {"uuid": "60a35cac-a81f-4bd6-87bc-c85eca9222f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-14)", "content": "", "creation_timestamp": "2026-04-14T00:00:00.000000Z"}, {"uuid": "a877dfe0-a35b-49b8-81d9-e7f32d398209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2284", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aAtlassian Jira Seraph Authentication Bypass RCE\uff08CVE-2022-0540\uff09\nURL\uff1ahttps://github.com/exploitwritter/CVE-2022-29337\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-25T13:05:43.000000Z"}, {"uuid": "1394146a-819a-4cf2-b18a-c5b1b9332833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2282", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aAtlassian Jira Seraph Authentication Bypass Preauth-RCE\uff08CVE-2022-0540\uff09\nURL\uff1ahttps://github.com/Pear1y/CVE-2022-0540-Preauth-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-25T10:50:30.000000Z"}, {"uuid": "49fd6600-329b-4a44-8094-d064afc344e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "2f421d5e-b2ce-4c78-8407-3db0f06a414c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2342", "content": "#\u041f\u041e #CVE #POC\n\nAuthentication bypass in Seraph\nCVE-2022-0540\n\n;\n\u0414\u0430, ; \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f payload \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Jira. \u0415\u0441\u043b\u0438 \u0432\u0430\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u043a\u0430\u043a \u0442\u043e\u0447\u043a\u0430 \u0441 \u0437\u0430\u043f\u044f\u0442\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 Jira, \u043f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0439\u0442\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0432 \u0441\u0442\u0430\u0442\u044c\u0435.", "creation_timestamp": "2022-08-23T13:00:04.000000Z"}, {"uuid": "3ed257d3-6bfc-4d74-be68-bde5bd79ada4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/habr_com_news/5280", "content": "\u200b\u200bAtlassian \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Jira\n\nAtlassian \u043e\u0442\u0447\u0438\u0442\u0430\u043b\u0430\u0441\u044c \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 Jira. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-0540 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9,9 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Seraph, \u0438 \u0445\u0430\u043a\u0435\u0440, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043c\u043e\u0433 \u0441\u043e\u0437\u0434\u0430\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2022-04-25T08:30:43.000000Z"}, {"uuid": "93fd4f2f-5c9b-49dc-ae52-4dfdc8f1809f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/poxek/1402", "content": "A critical authentication bypass vulnerability (CVE-2022-0540 and CVSS 9.9) has been discovered in Seraph affecting Atlassian Jira and Jira Service Management.\n\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-05-15T15:45:43.000000Z"}, {"uuid": "bfa2d7a0-1940-4fb3-a596-7fcb1b17d82f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1292", "content": "Atlassian Jira Seraph Authentication Bypass RCE\n\n#Jira #CVE-2022-0540 #Exploit #RCE #Bugbouty #VAPT\n#Hacking #Malware #CyberSecurity #Pentesting #Nuclei\n\nhttps://reconshell.com/atlassian-jira-seraph-authentication-bypass-rce/", "creation_timestamp": "2022-05-26T20:48:01.000000Z"}, {"uuid": "fda1417e-32d0-4776-9631-efedbc75275e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/arpsyndicate/1985", "content": "#ExploitObserverAlert\n\nCVE-2022-0540\n\nDESCRIPTION: Exploit Observer has 22 entries related to CVE-2022-0540. A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.\n\nFIRST-EPSS: 0.158000000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T12:41:24.000000Z"}, {"uuid": "aeaac223-a813-43d3-b568-0efd9d4331bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "published-proof-of-concept", "source": "Telegram/mVYbnwlX5y1YAGJNogv720Hx8Iy1Ay3hUwsuZCspLp2PgVI", "content": "", "creation_timestamp": "2022-05-27T20:39:42.000000Z"}, {"uuid": "6535b74b-e529-45b4-b92a-e1d7b7617d8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/true_secator/2885", "content": "\u034f\u041f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c\u0438 Jira \u0438 Jira Service Management \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439, \u0434\u0430 \u0435\u0449\u0435 \u043f\u043e\u0434 \u043a\u0430\u043a\u043e\u0439. \n\n\u041d\u0430 \u0434\u043d\u044f\u0445 Atlassian \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0442\u044c \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Seraph - \u0441\u0440\u0435\u0434\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 J2EE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-0540 \u0438 \u0438\u043c\u0435\u0435\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,9. \u0411\u0430\u0433\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u044f\u0434\u0440\u0435 Jira \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b: Jira Core Server, Software Data Center, Software Server, Service Management Server \u0438 Management Data Center.\n\n\u0412 Atlassian \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439 \u0432 Seraph, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\n\n\u0421\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f CVE-2022-0540 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442 \u0438 \u0442\u043e\u0442 \u0444\u0430\u043a\u0442, \u0447\u0442\u043e Jira \u043c\u043e\u0436\u0435\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0438 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u043c\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043b\u0438 \u043e\u043d\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u043f\u043e\u043c\u0438\u043c\u043e \u0442\u0435\u0445, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u0430\u043d\u044b \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Seraph.\n\n\u041f\u043e\u0434 \u043f\u0440\u044f\u043c\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0434\u0432\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f: Insight \u2014 Asset Management \u0438 Mobile Plugin \u0434\u043b\u044f Jira. \u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 \u0443 Atlassian.\n\n\u0410 \u0432\u043e\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 Atlassian Marketplace \u0438\u043b\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u044b \u0441\u0430\u043c\u0438\u043c\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438, \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0440\u0438\u0441\u043a\u0443, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e. \u0422\u0430\u043a \u0447\u0442\u043e \u0446\u0435\u043b\u0435\u0441\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u0435\u0432\u0438\u0437\u0438\u044e, \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0430\u043c\u043e\u043f\u0438\u0441\u043d\u044b\u0445 \u0438\u043b\u0438 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0430 \u0435\u0441\u043b\u0438 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u043e \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0442\u043e Atlassian \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d \u0440\u0438\u0441\u043a, \u0438\u043b\u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0441\u0442\u0430\u043d\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u041f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043a\u0430 \u043d\u0438\u0436\u0435 \u0441\u0440\u0435\u0434\u043d\u0435\u0433\u043e, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442. \u041d\u043e \u0434\u043b\u044f \u0436\u0435\u043b\u0430\u044e\u0449\u0438\u0445 \u0441\u0432\u0430\u0440\u0433\u0430\u043d\u0438\u0442\u044c \u0442\u0430\u043a\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u043d\u043e \u0432\u0441\u0435\u0433\u043e \u0434\u043e 5000 \u0437\u0435\u043b\u0435\u043d\u044b\u0445.", "creation_timestamp": "2022-04-25T18:37:02.000000Z"}, {"uuid": "e0cb87d7-55bb-45f7-bbd4-89d5c18dc7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "3d5e8209-51ab-43a7-a89b-3a69d65ecc5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/NeKaspersky/2151", "content": "\u0412 Jira \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0443\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e\n\n\u041e \u0444\u0438\u043a\u0441\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 Atlassian, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0431\u0430\u0433\u0442\u0440\u0435\u043a\u0435\u0440\u0430, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u044f\u0442\u0430\u043b\u0430\u0441\u044c \u0432 Seraph, \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432 Jira \u0438 Confluence \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0432\u0445\u043e\u0434 \u0432 \u0438 \u0432\u044b\u0445\u043e\u0434 \u0438\u0437 \u0443\u0447\u0435\u0442\u043a\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-0540 \u0438 \u043d\u0435\u043a\u0438\u0441\u043b\u044b\u0435 9,9 \u043f\u043e CVSS. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b:\n    Jira Core Server, Software Server \u0438 Software Data Center \u0432\u0435\u0440\u0441\u0438\u0439 &lt; 8.13.18, 8.14 \u2014 8.20.6 \u0438 8.21;\n    Jira Service Management Server \u0438 Management Data Center &lt; 4.13.18, 4.14 \u2014 4.20.6, 4.21.\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0438\u043d\u0441\u0442\u0430\u043d\u0441\u044b, \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043e\u0441\u043e\u0431\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u0442\u043b\u0438\u0447\u0430\u0442\u044c\u0441\u044f \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439: \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043d\u0438\u0445 \u0434\u0435\u043b\u0430\u044e\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u0441\u0435\u0446\u0435\u043b\u043e \u043d\u0435 \u043f\u043e\u043b\u0430\u0433\u0430\u044f\u0441\u044c \u043d\u0430 Seraph. \u0415\u0441\u043b\u0438 \u0432 Jira \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u043d\u0438\u0436\u0430\u0435\u0442\u0441\u044f \u0434\u043e \u0441\u0440\u0435\u0434\u043d\u0435\u0439.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u043e\u0441\u0442\u044b\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u043c \u043e\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0438\u0442\u044c \u0441\u0435\u0431\u044f, \u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \u0415\u0441\u043b\u0438 \u0442\u0430\u043a\u043e\u0439 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0442, Atlassian \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0445\u043e\u0442\u044f \u0431\u044b \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0435\u0441\u043b\u0438 \u0438\u0445 \u0430\u0432\u0442\u043e\u0440\u044b \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0444\u0438\u043a\u0441, \u0438\u043b\u0438 \u043e\u0442\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u043e\u0442 \u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f, \u043f\u043e\u043a\u0430 \u0442\u0430\u043a\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043d\u0435 \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f.\n@NeKaspersky", "creation_timestamp": "2022-04-22T19:40:31.000000Z"}, {"uuid": "a27b429d-1be2-4b85-8c6a-c8bfda288890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/cibsecurity/41191", "content": "\u203c CVE-2022-0540 \u203c\n\nA vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-20T22:25:49.000000Z"}, {"uuid": "79d7ff6a-bdc5-4d13-a311-94f14cf18d2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5972", "content": "#Red_Team_Tactics\n1. Weaponizing An Antivirus Driver\nhttps://www.aon.com/cyber-solutions/aon_cyber_labs/yours-truly-signed-av-driver-weaponizing-an-antivirus-driver\n2. Authentication bypass in Seraph (CVE-2022-0540)\nhttps://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph", "creation_timestamp": "2022-05-09T12:46:38.000000Z"}, {"uuid": "16d275e8-a5ca-49ca-87d3-5a04733c7972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/thebugbountyhunter/6281", "content": "CVE-2022-0540 - Authentication bypass in Seraph\n\nhttps://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/", "creation_timestamp": "2022-05-28T02:06:04.000000Z"}, {"uuid": "e48d3ee4-cabd-4ab6-aceb-75516cc0f86e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "seen", "source": "https://t.me/thehackernews/2112", "content": "A critical authentication bypass vulnerability (CVE-2022-0540 and CVSS 9.9) has been discovered in Seraph affecting #Atlassian Jira and Jira Service Management.\n\nRead details: https://thehackernews.com/2022/04/atlassian-drops-patches-for-critical.html", "creation_timestamp": "2022-04-23T07:55:57.000000Z"}, {"uuid": "a5f23872-499d-4fce-944e-d7e1e16064da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0540", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-03)", "content": "", "creation_timestamp": "2026-05-03T00:00:00.000000Z"}]}