Researchers with Bishop Fox warn that vulnerabilities recently fixed in Jira Align could give an attacker access to Atlassian cloud credentials, allow them to elevate privileges, and even allow them to attack Atlassian infrastructure.
Jira Align is an enterprise software-as-a-service (SaaS) product that helps software companies connect teams to the business for the planning of development lifecycles, as opposed to Jira, which only links teams to one another. Bishop Fox researchers found two serious security flaws in Jira Align and warned that an attack that takes advantage of both could severely damage Atlassian infrastructure in addition to Jira Align.
The first of the bugs is described as a server-side request forgery (SSRF) vulnerability in the application’s “Connectors” settings.