CVE‐2022‐0540 - carnal0wnage/J-PWN GitHub Wiki
CVE-2022-0540
Category [RCE]
module name: check_cve_2022_0540_v1
url variant 1 {url}InsightPluginShowGeneralConfiguration.jspa;
module name: check_cve_2022_0540_v2
url variant 2 {url}secure/WBSGanttManageScheduleJobAction.jspa;
+ [Potential RCE] - CVE-2022-0540 Variant 1: [MANUAL REVIEW REQUIRED]
URL: http://JIRA/InsightPluginShowGeneralConfiguration.jspa;
Note: Exploitation requires manual steps.
See: https://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/
- [Potential RCE] - CVE-2022-0540 Variant 2: [MANUAL REVIEW REQUIRED]
URL: http://JIRA/secure/WBSGanttManageScheduleJobAction.jspa;
Note: Exploitation requires manual steps.
See: https://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/
- No CVE-2022-0540 vulnerability detected on: http://jiraip/InsightPluginShowGeneralConfiguration.jspa;
- No CVE-2022-0540 vulnerability detected on: http://jiraip/secure/WBSGanttManageScheduleJobAction.jspa;
- HTTP Status Code: 302
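A defender-side check built from the two request paths above, as an added example that is not part of J-PWN or this wiki: it scans web access log lines for requests ending in the probed `.jspa;` actions. The combined log format, the sample lines, the names `classify` and `scan`, and the verdict labels are assumptions; a 302 is labelled `redirected` to match the tool's negative output, anything else `review`.

```python
import re

# Action paths requested by the two module variants on this page (note the trailing ';').
PROBE_SUFFIXES = (
    "/InsightPluginShowGeneralConfiguration.jspa;",
    "/secure/WBSGanttManageScheduleJobAction.jspa;",
)

# Assumed log layout: ip ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def classify(line):
    """Return (ip, path, status, verdict) for a probe-shaped request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # Drop any query string; suffix matching tolerates a Jira context path (/jira/...).
    path = m.group("target").split("?", 1)[0]
    if not path.endswith(PROBE_SUFFIXES):
        return None
    status = int(m.group("status"))
    # 302 is the status shown with the tool's "No ... detected" output above.
    verdict = "redirected" if status == 302 else "review"
    return (m.group("ip"), path, status, verdict)

def scan(lines):
    """Collect every probe-shaped request found in an iterable of log lines."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/May/2022:10:01:02 +0000] "GET /InsightPluginShowGeneralConfiguration.jspa; HTTP/1.1" 302 0',
    '192.0.2.10 - - [12/May/2022:10:01:03 +0000] "GET /jira/secure/WBSGanttManageScheduleJobAction.jspa; HTTP/1.1" 200 5120',
    '198.51.100.7 - alice [12/May/2022:10:02:00 +0000] "GET /secure/Dashboard.jspa HTTP/1.1" 200 8211',
    '198.51.100.7 - alice [12/May/2022:10:02:05 +0000] "GET /secure/WBSGanttManageScheduleJobAction.jspa HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for ip, path, status, verdict in scan(SAMPLE_LOG):
        print(f"{verdict:10} {status} {ip} {path}")
```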
References