Atlassian Confluence Remote Code Execution (CVE-2023-22527) | allinfosecnews.com

Feb. 1, 2024, 5:50 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

What is the Vulnerability?

On Jan 16 2024, Atlassian released an advisory for a template injection vulnerability on Confluence Data Center and Server. That can allow an unauthenticated attacker to remotely execute malicious code on affected versions. This vulnerability is rated with a severity level of 10.0 (Critical).

What is the Vendor Solution?

Atlassian highly recommend to apply the latest version available as listed on their advisory. [ Link ]

What FortiGuard Coverage is available?

FortiGuard Labs has an IPS …

advisory atlassian atlassian confluence attacker can center code code execution confluence confluence data center critical cve data data center injection malicious remote code remote code execution server severity solution template template injection unauthenticated vendor vulnerability what is

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 15 hours ago | fortiguard.fortinet.com

attackers attacks cisa cisa known exploited vulnerabilities +27

ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 2 days, 16 hours ago | fortiguard.fortinet.com

adaptive security advisory april arcanedoor +22

Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 2 days, 17 hours ago | fortiguard.fortinet.com

access advisory akira akira ransomware +17

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 week, 4 days ago | fortiguard.fortinet.com

advisory attack code code injection +27

XZ Utils Supply Chain Attack (CVE-2024-3094) 3 weeks, 2 days ago | fortiguard.fortinet.com

attack code compression cve +25

Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 4 weeks, 2 days ago | fortiguard.fortinet.com

access attacker code code execution +25

Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 1 month ago | fortiguard.fortinet.com

access application application developers attackers +31

Kimsuky Malware Attack 1 month ago | fortiguard.fortinet.com

attack cyber entities espionage +15

JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month, 1 week ago | fortiguard.fortinet.com

attacker authentication authentication bypass bypass +15

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States

View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium

View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY

View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote

View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada

View on infosec-jobs.com