VDB
GSD-2023-22524
GSD-2023-22524
PUBLISHED
CVSS 9.600000381469727 CRITICAL
Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and MacOS Gatekeeper to allow execution of code.
Risk Scores
CVSS v3.0
9.600000381469727
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atlassian | Companion for Mac | >= 1.0.0, >= 1.1.0, >= 1.2.0 |
Exploit Intelligence
- Atlassian Companion RCE Vulnerability Proof of Concept (github-poc)
- imperva/CVE-2023-22524 (github-poc)
- https://confluence.atlassian.com/security/cve-2023-22524-rce-vulnerability-in-atlassian-companion-app-for-macos-1319249492.html (circl)
- https://jira.atlassian.com/browse/CONFSERVER-93518 (circl)
- CIRCL seen: CVE-2023-22524 (circl-sighting)
Timeline
- Jan 30, 2024 PoC Published
- Apr 22, 2026 CVE Published