Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Four serious vulnerabilities in Atlassian’s software that might allow for remote code execution if properly exploited have been fixed with software updates.According to Atlassian, CVE-2023-22522 is a template injection vulnerability that enables code execution on a Confluence page by an authenticated attacker, including one with anonymous access.While CVE-2023-22524 could allow an attacker to achieve code execution by using WebSockets to get around Atlassian Companion’s blocklist and macOS Gatekeeper protections, the Assets Discovery flaw gives an attacker the ability to perform privileged remote code execution on machines that have the Assets Discovery agent installed.

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

06-Dec-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address