
AceSecurityDesk – ASD’s ACSC Alert: This alert is relevant to Australians who use Atlassian products including Confluence, Jira and Bitbucket.

Ace Press News From Cutting Room Floor: Published: 07 December 2023. Telegram Ace Daily News link: https://t.me/+PuI36tlDsM7GpOJe
Background / What has happened?
- Atlassian has released patches for security vulnerabilities in several products, including many versions of Confluence, Jira and Bitbucket.
- Three of these vulnerabilities are critical and of particular concern: CVE-2023-22522 (remote code execution in Confluence Data Center and Server), CVE-2023-22523 (remote code execution in Assets Discovery) and CVE-2022-1471 (remote code execution via the SnakeYAML library, affecting multiple products).
- The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) notes that previous critical vulnerabilities in Confluence and Jira have been heavily exploited by malicious cyber actors.
- Patch differential analysis (comparing the patched and unpatched code to locate the fixed flaw), a technique frequently used by malicious cyber actors to reverse engineer patched vulnerabilities, will likely be performed against Atlassian’s patches. An exploitation campaign targeting these vulnerabilities is more likely than not.
- Operators should act now to secure their systems before an exploitation campaign begins.
- Atlassian Cloud hosted sites are not affected.
- Another critical vulnerability has also been fixed in the Atlassian Companion app for macOS (CVE-2023-22524). This vulnerability requires user interaction but is still rated critical, and operators are advised to patch.
- Additional Information can be found in the following vendor advisories:
- https://confluence.atlassian.com/security/cve-2023-22522-rce-vulnerability-in-confluence-data-center-and-confluence-server-1319570362.html
- https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
- https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html
- https://confluence.atlassian.com/security/cve-2023-22524-rce-vulnerability-in-atlassian-companion-app-for-macos-1319249492.html
Mitigation / How do I stay secure?
- If you operate Confluence, Jira or Bitbucket, particularly in internet-facing configurations, review the vendor advisories to determine whether your installed versions are affected.
- If you are affected, carefully apply all vendor-recommended mitigations, and confirm afterwards that the running version is at or above the fixed release listed in the advisory.
- Reassess whether your system needs to be internet-facing at all, and filter access from the internet if possible.
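The first mitigation step is a version check, which is easy to get wrong when a product has several supported branches with different fixed releases. The script below is an added example, not code from the ACSC alert or from Atlassian. It reads the installed Confluence version from the `ajs-version-number` meta tag that Confluence pages carry, then compares it against the fixed releases for CVE-2023-22522 as published in the Atlassian advisory linked above (confirm the table against the advisory before relying on it). The rule for versions on a branch that received no fix, namely treating anything older than the newest fixed release as vulnerable, is my generalisation of the advisory's guidance to upgrade to a fixed branch, and the HTML sample is constructed.

```python
import re
from typing import Dict, Optional, Tuple

# Fixed releases for CVE-2023-22522 (Confluence Data Center and Server) as
# published in the Atlassian advisory linked above. Verify against the advisory
# before use; this branch-to-fix mapping is what changes from CVE to CVE.
FIXED_VERSIONS: Dict[str, str] = {
    "7.19": "7.19.17",
    "8.4": "8.4.5",
    "8.5": "8.5.4",
    "8.6": "8.6.2",
    "8.7": "8.7.1",
}

# Confluence pages expose the product version in an AUI meta tag.
META_RE = re.compile(r'<meta\s+name="ajs-version-number"\s+content="([^"]+)"', re.I)


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '8.5.3' (or '8.5.3-beta1') into a tuple of ints that compares correctly."""
    m = re.match(r"^(\d+(?:\.\d+)*)", v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def branch(v: Tuple[int, ...]) -> str:
    """Feature branch ('8.5') of a parsed version."""
    return f"{v[0]}.{v[1]}" if len(v) >= 2 else str(v[0])


def assess(installed: str, fixed: Dict[str, str] = FIXED_VERSIONS) -> Tuple[bool, str]:
    """Return (vulnerable, reason) for an installed version against the fix table."""
    iv = parse_version(installed)
    b = branch(iv)
    if b in fixed:
        fv = parse_version(fixed[b])
        if iv >= fv:
            return False, f"{installed} is at or above the fixed release {fixed[b]}"
        return True, f"{installed} is below the fixed release {fixed[b]}; upgrade within {b}.x"
    # Branch not in the table: either newer than every fix, or an unfixed
    # older branch that must move to a fixed one (assumed rule, see lead-in).
    newest = max(fixed.values(), key=parse_version)
    if iv >= parse_version(newest):
        return False, f"{installed} is newer than the latest fixed release {newest}"
    return True, f"{installed} is on branch {b}.x, which has no fix; upgrade to a fixed branch such as {newest}"


def version_from_html(html: str) -> Optional[str]:
    """Extract the Confluence version from a fetched page (e.g. the login page)."""
    m = META_RE.search(html)
    return m.group(1) if m else None


# Constructed sample of the relevant fragment of a Confluence login page.
SAMPLE_HTML = '<html><head><meta name="ajs-version-number" content="8.5.3"></head></html>'

if __name__ == "__main__":
    v = version_from_html(SAMPLE_HTML)
    vulnerable, reason = assess(v)
    print("VULNERABLE" if vulnerable else "PATCHED", "-", reason)
```

In practice you would feed `version_from_html` the body of an authenticated or unauthenticated GET of the instance's login page, and run `assess` once per instance from an inventory; the same structure works for Jira and Bitbucket with their own fix tables from the linked advisories.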
Assistance / Where can I go for help?
Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).
Read this alert on the website: https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/serious-vulnerabilities-in-atlassian-products-including-confluence-jira-and-bitbucket
Are you a victim of cybercrime? Visit ReportCyber to take your next steps.
We use hyperlinks to give you more information. If you don’t want to click hyperlinks, you can search for the information on the ACSC Website.
@acenewsservices
Editor says … Sterling Publishing & Media Service Agency is not responsible for the content of external sites or of any reports, posts or links. Thanks for following; as always, we appreciate every like, reblog, retweet and comment. Thank you.