AI description
CVE-2025-22157 is a privilege escalation vulnerability affecting Atlassian Jira Core Data Center and Server, and Jira Service Management Data Center and Server. The vulnerability exists in versions 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core, and versions 5.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management. Successful exploitation of CVE-2025-22157 allows an attacker to perform actions as a higher-privileged user. Atlassian recommends upgrading to the latest version or specific supported fixed versions to mitigate this vulnerability.
- Description
- This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions:
  - 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Server
  - 5.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server

  This PrivEsc (Privilege Escalation) vulnerability, with a CVSS Score of 7.2, allows an attacker to perform actions as a higher-privileged user.

  Atlassian recommends that Jira Core Data Center and Server and Jira Service Management Data Center and Server customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
  - Jira Core Data Center and Server 9.12: Upgrade to a release greater than or equal to 9.12.20
  - Jira Service Management Data Center and Server 5.12: Upgrade to a release greater than or equal to 5.12.20
  - Jira Core Data Center 10.3: Upgrade to a release greater than or equal to 10.3.5
  - Jira Service Management Data Center 10.3: Upgrade to a release greater than or equal to 10.3.5
  - Jira Core Data Center 10.4: Upgrade to a release greater than or equal to 10.6.0
  - Jira Service Management Data Center 10.4: Upgrade to a release greater than or equal to 10.6.0
  - Jira Core Data Center 10.5: Upgrade to a release greater than or equal to 10.5.1
  - Jira Service Management Data Center 10.5: Upgrade to a release greater than or equal to 10.5.1

  See the release notes. You can download the latest version of Jira Core Data Center and Jira Service Management Data Center from the download center.

  This vulnerability was reported via our Atlassian (Internal) program.
- Source
- security@atlassian.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.2
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-284
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
12
🚨Alert🚨 CVE-2025-22157: A High severity PrivEsc (Privilege Escalation) vulnerability in Jira Core Data Center 📊 75.1K+Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/9Iaj6kqzRA 👇Query HUNTER : https://t.co/q9rtuGgxk7="Atlassian J
@HunterMapping
22 May 2025
2650 Impressions
11 Retweets
26 Likes
13 Bookmarks
0 Replies
0 Quotes
CVE-2025-22157: Improper Access Control in Atlassian Jira, 7.2 rating❗️ Vuln allows authenticated attackers to escalate their privileges to administrator level. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/wgRNGGhltG #cybersecurity #vulnerability_map http
@Netlas_io
21 May 2025
1414 Impressions
8 Retweets
11 Likes
4 Bookmarks
0 Replies
1 Quote
⚠️⚠️ CVE-2025-22157: High-Severity Privilege Escalation Threat Hits Atlassian Jira Data Center 🎯95k+ Results are found on the https://t.co/pb16tGXCUG nearly year. 🔗FOFA Link: https://t.co/xpBEtLcLoR FOFA Query:app="JIRA" 🔖Refer:https://t.co/3gaF3Ym47Y #OSINT #FOF
@fofabot
21 May 2025
1894 Impressions
21 Retweets
49 Likes
14 Bookmarks
0 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/aqaSNysikA 🚨🚨CVE-2025-22157 hits Atlassian Jira Data Center! A privilege escalation flaw lets attackers with low access climb to admin-level powers—unlocking restricted workflows & sensitive data. Zoo
@zoomeye_team
21 May 2025
725 Impressions
4 Retweets
7 Likes
2 Bookmarks
0 Replies
0 Quotes