VDB
WID-SEC-W-2023-3063
WID-SEC-W-2023-3063
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle. Confluence ist eine kommerzielle Wiki-Software. Jira ist eine Webanwendung zur Softwareentwicklung.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atlassian Confluence Server | ||
| Atlassian Bamboo < 9.2.7 | ||
| Atlassian Confluence Data Center | ||
| Atlassian Bitbucket Server | ||
| Atlassian Bitbucket < 8.14.2 | ||
| Atlassian Bitbucket < 8.13.3 | ||
| Atlassian Jira Software Core Data Center | ||
| Atlassian Confluence < 8.7.1 | ||
| Atlassian Confluence < 8.4.5 | ||
| Atlassian Bamboo < 9.3.5 | ||
| Atlassian Confluence < 8.6.2 | ||
| Atlassian Bitbucket < 7.21.18 | ||
| Atlassian Confluence < 8.5.4 | ||
| Atlassian Confluence < 8.3.4 | ||
| Atlassian Bitbucket Data Center | ||
| Atlassian Bitbucket < 8.9.7 | ||
| Atlassian Bitbucket < 8.12.4 | ||
| Atlassian Confluence Cloud Migration App | ||
| Atlassian Bitbucket < 8.11.6 | ||
| Atlassian Confluence < 7.19.17 |
Timeline
- Dec 5, 2023 CVE Published
- Dec 17, 2023 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3063.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3063 advisory
- https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html url
- https://confluence.atlassian.com/security/cve-2023-22522-rce-vulnerability-in-confluence-data-center-and-confluence-server-1319570362.html url
- https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html url
- https://confluence.atlassian.com/security/cve-2023-22524-rce-vulnerability-in-atlassian-companion-app-for-macos-1319249492.html url
- https://confluence.atlassian.com/security/security-bulletin-december-12-2023-1319249520.html url