CVE-2022-26136

Summary

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in authentication bypass and cross-site scripting. Atlassian has released updates that fix the root cause of this vulnerability, but has not exhaustively enumerated all potential consequences of this vulnerability. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4.

Affected Software

VendorProductVersion RangeStatus
AtlassianBamboo Serverunspecified < 8.0.9affected
AtlassianBamboo Server8.1.0 < unspecifiedaffected
AtlassianBamboo Serverunspecified < 8.1.8affected
AtlassianBamboo Server8.2.0 < unspecifiedaffected
AtlassianBamboo Serverunspecified < 8.2.4affected
AtlassianBamboo Data Centerunspecified < 8.0.9affected
AtlassianBamboo Data Center8.1.0 < unspecifiedaffected
AtlassianBamboo Data Centerunspecified < 8.1.8affected
AtlassianBamboo Data Center8.2.0 < unspecifiedaffected
AtlassianBamboo Data Centerunspecified < 8.2.4affected
AtlassianBitbucket Serverunspecified < 7.6.16affected
AtlassianBitbucket Server7.7.0 < unspecifiedaffected
AtlassianBitbucket Server7.16.0 < unspecifiedaffected
AtlassianBitbucket Serverunspecified < 7.17.8affected
AtlassianBitbucket Server7.18.0 < unspecifiedaffected
AtlassianBitbucket Serverunspecified < 7.19.5affected
AtlassianBitbucket Server7.20.0 < unspecifiedaffected
AtlassianBitbucket Serverunspecified < 7.20.2affected
AtlassianBitbucket Server7.21.0 < unspecifiedaffected
AtlassianBitbucket Serverunspecified < 7.21.2affected
AtlassianBitbucket Server8.0.0affected
AtlassianBitbucket Server8.1.0affected
AtlassianBitbucket Data Centerunspecified < 7.6.16affected
AtlassianBitbucket Data Center7.7.0 < unspecifiedaffected
AtlassianBitbucket Data Center7.16.0 < unspecifiedaffected
AtlassianBitbucket Data Centerunspecified < 7.17.8affected
AtlassianBitbucket Data Center7.18.0 < unspecifiedaffected
AtlassianBitbucket Data Centerunspecified < 7.19.5affected
AtlassianBitbucket Data Center7.20.0 < unspecifiedaffected
AtlassianBitbucket Data Centerunspecified < 7.20.2affected
AtlassianBitbucket Data Center7.21.0 < unspecifiedaffected
AtlassianBitbucket Data Centerunspecified < 7.21.2affected
AtlassianBitbucket Data Center8.0.0affected
AtlassianBitbucket Data Center8.1.0affected
AtlassianConfluence Serverunspecified < 7.4.17affected
AtlassianConfluence Server7.5.0 < unspecifiedaffected
AtlassianConfluence Serverunspecified < 7.13.7affected
AtlassianConfluence Server7.14.0 < unspecifiedaffected
AtlassianConfluence Serverunspecified < 7.14.3affected
AtlassianConfluence Server7.15.0 < unspecifiedaffected
AtlassianConfluence Serverunspecified < 7.15.2affected
AtlassianConfluence Server7.16.0 < unspecifiedaffected
AtlassianConfluence Serverunspecified < 7.16.4affected
AtlassianConfluence Server7.17.0 < unspecifiedaffected
AtlassianConfluence Serverunspecified < 7.17.4affected
AtlassianConfluence Server7.18.0affected
AtlassianConfluence Data Centerunspecified < 7.4.17affected
AtlassianConfluence Data Center7.5.0 < unspecifiedaffected
AtlassianConfluence Data Centerunspecified < 7.13.7affected
AtlassianConfluence Data Center7.14.0 < unspecifiedaffected
AtlassianConfluence Data Centerunspecified < 7.14.3affected
AtlassianConfluence Data Center7.15.0 < unspecifiedaffected
AtlassianConfluence Data Centerunspecified < 7.15.2affected
AtlassianConfluence Data Center7.16.0 < unspecifiedaffected
AtlassianConfluence Data Centerunspecified < 7.16.4affected
AtlassianConfluence Data Center7.17.0 < unspecifiedaffected
AtlassianConfluence Data Centerunspecified < 7.17.4affected
AtlassianConfluence Data Center7.18.0affected
AtlassianCrowd Serverunspecified < 4.3.8affected
AtlassianCrowd Server4.4.0 < unspecifiedaffected
AtlassianCrowd Serverunspecified < 4.4.2affected
AtlassianCrowd Server5.0.0affected
AtlassianCrowd Data Centerunspecified < 4.3.8affected
AtlassianCrowd Data Center4.4.0 < unspecifiedaffected
AtlassianCrowd Data Centerunspecified < 4.4.2affected
AtlassianCrowd Data Center5.0.0affected
AtlassianCrucibleunspecified < 4.8.10affected
AtlassianFisheyeunspecified < 4.8.10affected
AtlassianJira Core Serverunspecified < 8.13.22affected
AtlassianJira Core Server8.14.0 < unspecifiedaffected
AtlassianJira Core Serverunspecified < 8.20.10affected
AtlassianJira Core Server8.21.0 < unspecifiedaffected
AtlassianJira Core Serverunspecified < 8.22.4affected
AtlassianJira Software Serverunspecified < 8.13.22affected
AtlassianJira Software Server8.14.0 < unspecifiedaffected
AtlassianJira Software Serverunspecified < 8.20.10affected
AtlassianJira Software Server8.21.0 < unspecifiedaffected
AtlassianJira Software Serverunspecified < 8.22.4affected
AtlassianJira Software Data Centerunspecified < 8.13.22affected
AtlassianJira Software Data Center8.14.0 < unspecifiedaffected
AtlassianJira Software Data Centerunspecified < 8.20.10affected
AtlassianJira Software Data Center8.21.0 < unspecifiedaffected
AtlassianJira Software Data Centerunspecified < 8.22.4affected
AtlassianJira Service Management Serverunspecified < 4.13.22affected
AtlassianJira Service Management Server4.14.0 < unspecifiedaffected
AtlassianJira Service Management Serverunspecified < 4.20.10affected
AtlassianJira Service Management Server4.21.0 < unspecifiedaffected
AtlassianJira Service Management Serverunspecified < 4.22.4affected
AtlassianJira Service Management Data Centerunspecified < 4.13.22affected
AtlassianJira Service Management Data Center4.14.0 < unspecifiedaffected
AtlassianJira Service Management Data Centerunspecified < 4.20.10affected
AtlassianJira Service Management Data Center4.21.0 < unspecifiedaffected
AtlassianJira Service Management Data Centerunspecified < 4.22.4affected

Weaknesses

  • CWE-180: Incorrect Behavior Order: Validate Before Canonicalize (CWE-180).

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References