Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

CVE-2023-22501 - Broken Authentication vulnerability

Roman Treynker
Roman Treynker February 1, 2023

The notification of the Broken Authentication vulnerability went out saying the following versions 5.3.0 to 5.3.1 and 5.4.0 to 5.5.0 are affected by this vulnerability.

Are older versions affected? We're still on 4.22.6

Answer
Watch
Like Robertas likes this
865 views

3 answers

1 accepted

2 votes
Answer accepted
Benjamin S
Benjamin S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 1, 2023

Hi @Roman Treynker

Welcome to the Atlassian Community! As specified in the Security Advisory, no Jira Service Management (JSM) 4.x.x versions are affected by the vulnerability. For all affected 5.x.x versions, new bugfix releases have been published.

A slight correction to @Tommy Augustine's comment: JSM 4.22.x will reach its End of Life date on February 16, 2024 – right around the same time as the Jira Server end of support.

Cheers,
Ben

View More Comments
Tommy Augustine
Tommy Augustine
Contributor
February 2, 2023

Thanks, Ben! That's a less stressful answer to an admin now lol

Like Benjamin S likes this
Reply
2 votes
Tommy Augustine
Tommy Augustine
Contributor
February 1, 2023

I'm going to say "No" it's not. My logic for this answer is that 4.22 is not yet End Of Life for another year (February 16, 2024), and because it is not EOL yet, Atlassian would still report the version as affected in their open ticket

 

Edit: Corrected EOL Date (Thanks Ben!)

Reply
1 vote
Roman Treynker
Roman Treynker February 2, 2023

Thank you, both!

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
SERVER
VERSION
4.22.6
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.