A Vulnerability in Atlassian Confluence Data Center and Server Could Allow for Remote Code Execution | allinfosecnews.com

Jan. 17, 2024, 5:35 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in Atlassian Confluence Server and Data Center which could allow for remote code execution. Confluence is a collaboration tool that brings people, knowledge, and ideas together in a shared workspace. Successful exploitation of this vulnerability could allow an attacker to create unauthorized Confluence administrator accounts to access the instance. An attacker could then preform administrator actions in the context of the confluence instance.

atlassian atlassian confluence atlassian confluence data center atlassian confluence server attacker center code code execution collaboration confluence confluence data center confluence server confluence server and data center data data center exploitation ideas knowledge people remote code remote code execution server tool vulnerability workspace

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

A Vulnerability in Check Point Security Gateways Could Allow for Credential Access 1 day, 13 hours ago | www.cisecurity.org

access block check check point +16

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 days, 6 hours ago | www.cisecurity.org

arbitrary code arbitrary code execution chrome code +7

Multiple Vulnerabilities in LenelS2 NetBox Could Allow for Arbitrary Code Execution 2 days, 11 hours ago | www.cisecurity.org

access access control arbitrary code arbitrary code execution +14

Multiple Vulnerabilities in Fortinet FortiSIEM Could Allow for Remote Code Execution 3 days, 12 hours ago | www.cisecurity.org

analysis awareness code code execution +17

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 1 week, 1 day ago | www.cisecurity.org

access arbitrary code arbitrary code execution browser +12

A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass 1 week, 2 days ago | www.cisecurity.org

applications authentication authentication bypass automate +23

A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation 2 weeks, 3 days ago | www.cisecurity.org

access access rights account attacker +14

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 weeks, 3 days ago | www.cisecurity.org

arbitrary code arbitrary code execution chrome code +7

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2 weeks, 4 days ago | www.cisecurity.org

access arbitrary code arbitrary code execution browser +17

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com