...
Note that Kantega SSO submits authentication to the host system’s Seraph authenticator. This means that if your Jira instance is affected, Kantega SSO will likely offer no additional protection for the exploit, and your system will be vulnerable to authentication bypass. We recommend to follow Atlassian’s advisories for using non-vulnerable versions of Jira and Jira Service Management.
Sources
https://confluence.atlassian.com/jira/jira-security-advisory-2022-04-20-1115127899.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0540
| Info |
|---|
ChangelogInitial publication 13:45 CET |