Atlassian has issued patches for four critical vulnerabilities in its products. Successful exploitation of these flaws could lead to remote code execution.
The vulnerabilities are:
- CVE-2022-1471 (CVSS score: 9.8): Deserialization vulnerability in the SnakeYAML library, posing a risk of remote code execution across multiple products.
- CVE-2023-22522 (CVSS score: 9.0): Remote code execution vulnerability identified in Confluence Data Center and Confluence Server, impacting all versions from 4.0.0 onward.
- CVE-2023-22523 (CVSS score: 9.8): Remote code execution vulnerability in Assets Discovery for Jira Service Management Cloud, Server, and Data Center. This affects all versions up to, but not including, 3.2.0-cloud / 6.2.0 data center and server.
- CVE-2023-22524 (CVSS score: 9.6): Remote code execution vulnerability discovered in the Atlassian Companion app for macOS, impacting all versions up to, but not including, 2.0.0.
Atlassian characterized CVE-2023-22522 as a template injection vulnerability. This flaw enables an authenticated attacker, including one with anonymous access, to inject potentially harmful user input into a Confluence page, leading to the execution of arbitrary code.
The Assets Discovery vulnerability enables an attacker to execute privileged remote code on machines with the Assets Discovery agent installed. Separately, CVE-2023-22524 may allow an attacker to achieve code execution by leveraging WebSockets to bypass the Atlassian Companion blocklist and macOS Gatekeeper protections.
The advisory comes almost a month after the Australian software company disclosed that the actively exploited critical vulnerability in Apache ActiveMQ (CVE-2023-46604, CVSS score: 10.0) affected all versions of its Bamboo Data Center and Server products. Fixes for that issue are available in Bamboo versions 9.2.7, 9.3.5, and 9.4.1 or later.
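For defenders triaging an Atlassian estate, the practical question is whether each installed component falls inside the affected ranges named above: the "up to, but not including" cut-offs for Assets Discovery and Companion, and the three Bamboo release lines fixed in 9.2.7, 9.3.5 and 9.4.1. The following is an added example, not Atlassian tooling, that encodes those ranges from the advisory text and checks a constructed inventory against them; the inventory version strings are made up for illustration, and the branch-aware Bamboo logic assumes that any release line newer than 9.4 is covered by the advisory's "or later".

```python
"""Check an inventory of Atlassian component versions against the affected
ranges stated in the advisory above. Added example; not Atlassian's own code."""
import re


def parse_version(version: str) -> tuple:
    """Turn '9.2.7', '3.2.0-cloud' or '6.2.0 data center' into a comparable
    tuple of ints, ignoring any non-numeric suffix."""
    m = re.match(r"\d+(?:\.\d+)*", version.strip())
    if m is None:
        raise ValueError(f"unparseable version string: {version!r}")
    return tuple(int(p) for p in m.group(0).split("."))


# Fixed versions as stated in the advisory text (page-sourced values).
BAMBOO_FIXED = [(9, 2, 7), (9, 3, 5), (9, 4, 1)]          # CVE-2023-46604
ASSETS_DISCOVERY_FIXED = {"cloud": "3.2.0", "server": "6.2.0"}  # CVE-2023-22523
COMPANION_FIXED = "2.0.0"                                  # CVE-2023-22524


def below_fixed(version: str, fixed: str) -> bool:
    """'All versions up to, but not including, <fixed>' are affected."""
    return parse_version(version) < parse_version(fixed)


def bamboo_is_vulnerable(version: str) -> bool:
    """Branch-aware check: 9.2.x is fixed from 9.2.7, 9.3.x from 9.3.5,
    9.4.x from 9.4.1. A release line newer than the last fixed line is
    assumed fixed ('or later'); anything older than 9.2.7 is affected."""
    v = parse_version(version)
    for fixed in BAMBOO_FIXED:
        if v[:2] == fixed[:2]:
            return v < fixed
    return v < BAMBOO_FIXED[0]


def check_inventory(inventory: list) -> list:
    """inventory: list of (product, deployment, version) triples.
    Returns (product, version, cve) for every affected entry."""
    findings = []
    for product, deployment, version in inventory:
        if product == "bamboo" and bamboo_is_vulnerable(version):
            findings.append((product, version, "CVE-2023-46604"))
        elif product == "assets-discovery":
            fixed = ASSETS_DISCOVERY_FIXED[deployment]
            if below_fixed(version, fixed):
                findings.append((product, version, "CVE-2023-22523"))
        elif product == "companion" and below_fixed(version, COMPANION_FIXED):
            findings.append((product, version, "CVE-2023-22524"))
    return findings


# Constructed sample inventory (not real hosts); deployment is "cloud" or "server".
SAMPLE_INVENTORY = [
    ("bamboo", "server", "9.3.4"),            # affected: 9.3 line fixed at 9.3.5
    ("bamboo", "server", "9.4.1"),            # fixed
    ("bamboo", "server", "9.1.3"),            # affected: older than any fix
    ("assets-discovery", "server", "6.1.9"),  # affected: below 6.2.0
    ("assets-discovery", "cloud", "3.2.0"),   # fixed
    ("companion", "macos", "1.9.0"),          # affected: below 2.0.0
]

if __name__ == "__main__":
    for product, version, cve in check_inventory(SAMPLE_INVENTORY):
        print(f"{product} {version}: affected by {cve}, update required")
```

The check is deliberately conservative for Bamboo: a version on an unpatched older release line (for example 9.1.x) is reported as affected rather than silently skipped, which is the behaviour you want when the advisory says all versions were affected.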
Given the increasing attractiveness of Atlassian products as targets for attacks in recent years, it is strongly advised that users promptly update affected installations to a patched version.