InfoSecBulletin Cybersecurity for mankind
VMware and Atlassian disclosed critical vulnerabilities today. Even though there have been no reports of misuse, administrators should update their systems as soon as possible to prevent any issues.
There are two problems reported by Atlassian. The most important one is CVE-2023-22527, which is a flaw in the template system that can be exploited for remote code execution attacks. It has a CVSS rating of 10 out of 10 and affects Confluence Data Center and Server 8 versions released before December 5, 2023. Another affected version is 8.4.5, which is no longer supported.
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
The solution: “immediately” patch each affected installation by updating to the latest available version, according to the vendor.
Atlassian fixed a high-severity issue in the FasterXML Jackson Databind code used in some versions of Jira Software Data Center and Server. The bug, tracked as CVE-2020-25649, could allow XML external entity (XXE) attacks.
It’s a good idea to update both Confluence and Jira Software to the latest version, according to the collaboration business.
VMware bug CVE-2023-34063. It’s a problem with access control in Aria Automation versions prior to 8.16. VMware Cloud Foundation may be affected.
The bug has a high rating of 9.9 CVSS. VMware warns that if it is successfully exploited, it can allow unauthorized access to remote organizations and workflows. Luckily this one also has a fix, so upgrade to VMware Aria Automation 8.16, and then apply the patch.
As the virtualization giant notes: “The only supported upgrade path after applying the patch is to version 8.16. VMware strongly recommends this version. If you upgrade to an intermediate version, the vulnerability will be reintroduced, requiring an additional round of patching.”
VMware has no reports of exploitation so far. However, it is likely that potential attackers are already searching for vulnerable installations. Therefore, it is important to apply the fix promptly, before the software vendor is required to update its advisory.
