How could an attacker exploit this vulnerability?

An unauthenticated attacker (PR:N) could exploit this vulnerability by running a script to access a targeted Jira server over the internet.

Is there any action I need to take to be protected from this vulnerability?

Customers running the Azure AD Jira SSO plugin need to update to version 1.1.2 from the Microsoft Download Center or from the Atlassian Marketplace.

What privileges could an attacker gain with successful exploitation of this vulnerability?

An attacker does not need to log in to exploit this vulnerability. Exploiting this vulnerability could allow an attacker to fully update the plugin's Entra ID SAML metadata and configuration. The attacker could then redirect the application's authentication to a tenant they control.
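Because the impact is a silent swap of the identity provider the plugin trusts, a useful compensating control alongside the update is to pin the tenant-identifying fields of the stored SAML IdP metadata and alert on drift. The following Python is an added example, not code from this advisory or from the plugin; the metadata documents, tenant IDs and certificate bytes are constructed, and where the plugin persists its metadata is an assumption you must supply yourself.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def sample_metadata(tenant_id: str, cert_b64: str) -> str:
    """Constructed Entra ID style IdP metadata (placeholder tenant, not a real cert)."""
    return f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://sts.windows.net/{tenant_id}/">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{cert_b64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
      Location="https://login.microsoftonline.com/{tenant_id}/saml2"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def extract_idp_identity(metadata_xml: str) -> dict:
    """Pull the tenant-identifying fields out of SAML IdP metadata: entityID,
    SSO endpoints, and SHA-256 fingerprints of the signing certificates."""
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    sso = [e.get("Location") for e in idp.findall("md:SingleSignOnService", NS)]
    fps = []
    for kd in idp.findall("md:KeyDescriptor", NS):
        if kd.get("use") not in (None, "signing"):  # skip encryption-only keys
            continue
        cert = kd.find(".//ds:X509Certificate", NS)
        der = base64.b64decode("".join(cert.text.split()))
        fps.append(hashlib.sha256(der).hexdigest())
    return {"entityID": root.get("entityID"), "sso": sorted(sso),
            "signing_fps": sorted(fps)}

def metadata_drift(baseline: dict, current: dict) -> list:
    """Names of pinned fields whose current value differs; an empty list means no drift."""
    return [k for k in baseline if baseline[k] != current.get(k)]

# Constructed samples: the legitimate tenant, and a rogue tenant swapped in by an attacker.
BASELINE_METADATA = sample_metadata("00000000-0000-0000-0000-000000000001", "YmFzZWxpbmUtY2VydA==")
ROGUE_METADATA = sample_metadata("ffffffff-ffff-ffff-ffff-ffffffffffff", "cm9ndWUtY2VydA==")
BASELINE = extract_idp_identity(BASELINE_METADATA)  # pin this at deployment time

if __name__ == "__main__":
    print("drift vs rogue:", metadata_drift(BASELINE, extract_idp_identity(ROGUE_METADATA)))
```

Run the check on a schedule against the metadata the plugin actually has stored; any non-empty drift list on a system that has not been deliberately reconfigured is a reason to treat the instance as compromised.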
<a href="https://www.linkedin.com/in/thongvv3/">thongvv of GE Security (VNG)</a>