Atlassian Data Center & Server Flaw Let Hackers Execute Arbitrary Code

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing

Atlassian, a leading provider of collaboration and productivity software, has released critical security updates addressing multiple high-severity vulnerabilities in its Data Center and Server products. If exploited, these vulnerabilities could allow attackers to execute arbitrary code on affected systems.

The most severe of these vulnerabilities, CVE-2024-21687, has a high CVSS score of 8.1 out of 10.

The affected products include:

  • Confluence Data Center and Server
  • Jira Software Data Center and Server
  • Jira Service Management Data Center and Server
  • Bitbucket Data Center and Server

These vulnerabilities were discovered through Atlassian’s Bug Bounty program, penetration testing processes, and third-party library scans. The company has released patches to address these issues in the latest versions of its products.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files

Among the disclosed vulnerabilities are:

  • CVE-2024-21687 – File Inclusion Vulnerability
  • CVE-2024-22262 – SSRF Vulnerability
  • CVE-2024-21686 – Stored XSS Vulnerability
  • CVE-2021-36090 – DoS(Denial of Service)
  • CVE-2024-21688 – Dependency vulnerability 
  • CVE-2022-41966 – DoS(Denial of Service)

While specific details about each vulnerability have not been provided, the potential impact of these flaws is significant. An authenticated attacker could exploit these vulnerabilities to execute arbitrary code on the affected systems, potentially leading to unauthorized access, data theft, or further compromise of the network.

Atlassian strongly recommends that customers upgrade their installations to the latest patched versions as soon as possible. Users can check the Vulnerability Disclosure Portal to search for CVEs and verify if their product versions are affected by the disclosed vulnerabilities.

It’s worth noting that Atlassian has recently enhanced its capabilities to address third-party dependent security issues. This proactive approach aims to minimize customer exposure while balancing the need to avoid unnecessary disruptions.

Impact and Recommendations

These vulnerabilities pose significant risks to organizations using affected Atlassian products. IT administrators and security teams are strongly advised to take the following actions:

  1. Update Immediately: Patch all affected Atlassian Data Center and Server products to the latest versions or one of the fixed versions listed in the security bulletin
  2. Review Configurations: Ensure that all instances are properly configured and follow Atlassian’s security best practices.
  3. Monitor Systems: Increase vigilance for any suspicious activities or unauthorized access attempts on Atlassian products.
  4. Implement Workarounds: For systems that cannot be immediately updated, consider implementing available workarounds, such as those suggested for the XStream vulnerability

As these vulnerabilities pose a significant risk, organizations using Atlassian Data Center and Server products should prioritize patching and updating their systems to mitigate potential threats.

“Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!”- Free Demo