CVE-2023-30285

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published May 31, 2023

Updated: Jan 10, 2025

Summary

CVE-2023-30285 is a vulnerability affecting Deviniti Issue Sync Synchronization version 3.5.2 for Jira. This issue enables attackers to manipulate requests to the /rest/synchronizer/1.0/technicalUser endpoint, gaining unauthorized access to a user's login credentials. Successful exploitation may lead to unauthorized access and potential data breaches. Users are strongly advised to update their systems to mitigate this risk. Attackers can exploit this vulnerability by sending a crafted request, bypassing authentication checks and obtaining sensitive user information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Deviniti

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/qyPODG
https://www.cve.org/CVERecord?id=CVE-2023-30285
https://nvd.nist.gov/vuln/detail/CVE-2023-30285

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2023-30285

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations