Image
Body
Atlassian reveals four fresh critical flaws affecting Jira, Confluence, Bitbucket
Atlassian Jira, Confluence, Bitbucket and macOS Companion app users are warned to update their software immediately due to four critical vulnerabilities.The four flaws all allow remote code execution and impact the products listed below:
- CVE‑2022‑1471 – 9.8/10 – Automation for Jira app (including Server Lite edition), Bitbucket Data Center, Bitbucket Server, Confluence Data Center, Confluence Server, Confluence Cloud Migration App, Jira Core Data Center, Jira Core Server, Jira Service Management Data Center, Jira Service Management Server, Jira Software Data Center, Jira Software Server
- CVE‑2023‑22522 – 9.0/10 – Confluence Data Center and Server
- CVE‑2023‑22524 – 9.6/10 – Atlassian Companion App for MacOS, Jira Service Management Cloud, Data Center and Server
- CVE‑2023‑22523 – 9.8/10 – Assets Discovery app for Assets Discovery for Jira Service Management Cloud, Jira Service Management Server and Jira Service Management Data Center
These vulnerabilities were discovered via an internal security review at Atlassian as part of ongoing continuous security assessments.
If you are looking to examine all Critical Security Advisories relevant to your Atlassian products. As an Atlassian certified we can help verify affected versions and provide essential instructions for safeguarding your systems
Add new comment