Atlassian Jira Privileged RCE and More Atlassian Vulnerabilities

Request an audit

8^th December 2023

Summary

On Tuesday Atlassian published a security bulletin for a critical severity vulnerability in the Assets Discovery agent for Jira Service Management Cloud, Jira Service Management Server, and Jira Service Management Data Center. CVE-2023-22523 (CVSS:3.0: 9.8) is a Remote Code Execution (RCE) Vulnerability which allows an attacker to perform privileged RCE if exploited. At this time, there are no reports of an active exploit. There is a high potential impact to confidentiality, integrity, and availability, as an attacker can obtain privileged access.

Affected Versions

This vulnerability affects all versions prior to Assets Discovery 3.2.0-cloud / 6.2.0 data center and server.

Jira Service Management Cloud, Assets Discovery:

Insight Discovery 1.0 – 3.1.3
Assets Discovery 3.1.4 – 3.1.7
Assets Discovery 3.1.8-cloud – 3.1.11-cloud

Jira Service Management Data Center and Server, Assets Discovery:

Insight Discovery 1.0 – 3.1.7
Assets Discovery 3.1.9 – 3.1.11
Assets Discovery 6.0.0 – 6.1.14, 6.1.14-jira-dc-8

Fixed Version

Jira Service Management Cloud: Assets Discovery 3.2.0-cloud or later
Jira Service Management Data Center and Server: Assets Discovery 6.2.0 or later

Recommendations

Due to the critical severity of this vulnerability, organisations are recommended take immediate action to protect their systems.

Uninstall Assets Discovery agents
Apply the Assets Discovery application patch
Reinstall Assets Discovery agents

If you are unable to immediately uninstall the Assets Discovery agents, then Atlassian recommends to block the port used for communication with the agents, which is port 51337 by default, as a temporary mitigation.

More Vulnerabilities

CVE-2023-22522 (CVSS:3.0: 9.0 – Critical) – Confluence Data Center and Confluence Server – Template Injection vulnerability in Confluence pages

CVE-2023-22524 (CVSS:3.0: 9.6 – Critical) – Atlassian Companion App for MacOS – RCE Vulnerability by bypassing the Companion’s blocklist and MacOS Gatekeeper

CVE-2022-1471 (CVSS:3.0: 9.8 – Critical) – Multiple Products – SnakeYAML library RCE Vulnerability

Services

IT security assessment

Security & network assessment

Ethical hacking

OT/IoT security assessment

Red & Blue Teaming

M365 assessment

Governance

Decision tree

GDPR assessment

ISO 27k assessment

Social engineering

Cybersecurity maturity assessment

Networking

Security & network assessment

OT/IoT network assessment

Identify

Managed services

Network Operations Centre (NOC)

Security Operations Centre (SOC)

Network as a Service (NaaS)

Security Governance

UBA

Governance

Chief Information Security Officer (CISO)

Information Security Officer (ISO)

Social engineering

Security awareness training

Information Protection & Governance

Security & networking optimization

High-level design

Wireless/wired networking

Network Virtualisation & Automation (SDN)

SD-WAN

Endpoint security

Prevent & protect

Managed services

Security Operations Center (SOC)

CSIRT

Network Operations Centre (NOC)

Network as a Service (NaaS)

Endpoint Detection & Response

Governance

Chief Information Security Officer (CISO)

Data Protection Officer (DPO)

Detect & respond

Managed services

Network Operations Centre (NOC)

Security Operations Centre (SOC)

Network as a Service (NaaS)

CISO as a Service

DPO as a Service

Governance

Chief Information Security Officer (CISO)

Data Protection Officer (DPO)

Recover

Atlassian Jira Privileged RCE and More Atlassian Vulnerabilities

Summary

Affected Versions

Fixed Version

Recommendations

More Vulnerabilities

Ready to discuss your security needs?