Atlassian has published a new security advisory today 1st of February 2023. CVE-2023-22501 is a critical security advisory that affects Jira Service Management Server and Data Center.
The following versions are affected by this vulnerability:

• 5.3.0
• 5.3.1
• 5.3.2
• 5.4.0
• 5.4.1
• 5.5.0

Atlassian recommends that you upgrade each of your affected installations to one of the listed fixed versions (or any later version), The Fixed versions of the application are:

• 5.3.3
• 5.4.2
• 5.5.1
• 5.6.0 or later

Please see the complete advisory in Jira Service Management - Broken Authentication vulnerability in JSM - CVE-2023-22501 and the accompanying FAQ page for full details on the CVE and the steps to fix or mitigate the issue.

Additional information:

• Customers with active licenses above the 10 user starter licenses, can create support requests by visiting https://support.atlassian.com/contact/ you will be prompted to input your SEN number on this form
• Starter license customers can only receive technical support here in the Community per our support offerings.
• Should you have any additional questions about this vulnerability or upgrading Jira in regards to this please use this link to create a new question in Community in regards to this topic.