CVE-2023-22891: High severity Zephyr for Jira Test Management vulnerability
Published Mar 8, 2023
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
Affected Software
1 affected component
SmartBear Zephyr Enterprise <= 7.15
Event History
Mar 8, 2023
CVE Published via MITRE · 12:00 AM
Data Sourced via MITRE · 12:00 AM
Frequently Asked Questions
1. What is CVE-2023-22891?
CVE-2023-22891 is a privilege escalation vulnerability in SmartBear Zephyr Enterprise through version 7.15.0.
2. How can the privilege escalation vulnerability in SmartBear Zephyr Enterprise be exploited?
The vulnerability can be exploited by authorized users to reset passwords for other accounts.
3. What is the severity of CVE-2023-22891?
The severity of CVE-2023-22891 is high with a CVSS score of 8.1.
4. What software versions are affected by CVE-2023-22891?
SmartBear Zephyr Enterprise versions up to and including 7.15.0 are affected by CVE-2023-22891.
5. Is there a patch available to fix CVE-2023-22891?
Yes, SmartBear has released a patch to fix the privilege escalation vulnerability in Zephyr Enterprise.