Patch Now: Critical Atlassian Bugs Endanger Enterprise Apps

Published: 23/11/2024   Category: security

Four RCE vulnerabilities in Confluence, Jira, and other platforms allow instance takeover and environment infestation.



It's time to patch again: Four critical security vulnerabilities in Atlassian software open the door to remote code execution (RCE) and subsequent lateral movement within enterprise environments. They are just the latest bugs to surface of late in the software maker's collaboration and DevOps platforms, which tend to be a favorite target for cyberattackers.
The vulnerabilities, which Atlassian issued fixes for on Tuesday, include:

CVE-2022-1471 (CVSS vulnerability severity score of 9.8 out of 10): Deserialization in the SnakeYAML library, affecting multiple Atlassian software platforms.

CVE-2023-22522 (CVSS 9): Authenticated template injection vulnerability affecting Confluence Server and Data Center. Someone logged into the system, even anonymously, can inject unsafe user input into a Confluence page and achieve RCE, according to Atlassian.

CVE-2023-22523 (CVSS 9.8): Privileged RCE in the Assets Discovery network-scanning tool for Jira Service Management Cloud, Server, and Data Center. According to Atlassian's advisory, "The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent."

CVE-2023-22524 (CVSS 9.6): RCE in the Atlassian Companion app for macOS, which is used for file editing in Confluence Data Center and Server. "An attacker could utilize WebSockets to bypass Atlassian Companion's blocklist and MacOS Gatekeeper to allow the execution of code," the advisory read.
The latest advisories come hard on the heels of a string of bug disclosures from Atlassian, which have been tied to both zero-day and post-patch exploitation.
Atlassian software is a popular target for threat actors, especially Confluence, which is a popular Web-based corporate wiki used for collaboration in cloud and hybrid server environments. It allows one-click connections to a variety of different databases, making its utility for attackers nonpareil. More than 60,000 customers use Confluence, including LinkedIn, NASA, and the New York Times.
If past is prologue, admins should patch the latest bugs immediately. In October, for instance, the software company rolled out security fixes for a max-severity RCE bug (CVSS 10) in Confluence Data Center and Server (CVE-2023-22515), which had been exploited prior to patching by a China-sponsored advanced persistent threat (APT) tracked as Storm-0062. A string of proof-of-concept exploits also quickly cropped up for it after disclosure, paving the way for mass exploitation attempts.
Quickly after, in November, another RCE bug reared its head in Confluence Data Center and Server that had been exploited as a zero-day in the wild, originally listed with a 9.1 CVSS score. However, a glut of active ransomware and other cyberattacks after patches were released prompted Atlassian to up the severity score to 10.
That same month, Atlassian revealed that the Bamboo continuous integration (CI) and continuous delivery (CD) server for software development, as well as Confluence Data Center and Server, were both vulnerable to yet another max-severity issue — this time in the Apache Software Foundation's (ASF) ActiveMQ message broker (CVE-2023-46604, CVSS 10). The bug, which was weaponized as an n-day bug, was also quickly furnished with PoC exploit code, allowing a remote attacker to execute arbitrary commands on affected systems. Atlassian has released fixes for both platforms.
