Patchday: Atlassian equips data centers against malware attacks
For security reasons, admins should update Jira Data Center and Server and Service Management, among other things.
(Image: Artur Szczybylo/Shutterstock.com)
- Dennis Schirrmacher
The software provider Atlassian has closed security gaps in several products, some of which are critical. If attacks are successful, malicious code can get onto computers and completely compromise systems.
In the security section of its website, the provider lists information on a total of 37 closed software vulnerabilities. Admins should check this list thoroughly to identify the products that affect them.
Videos by heise
Dangerous vulnerabilities
The"critical" vulnerability (CVE-2024-1597) affects Confluence Data Center and Server and Jira Data Center and Server. If attacks are successful, attackers can execute their own commands via an SQL injection attack.
The remaining vulnerabilities are rated"high" and affect Bamboo Data Center and Server, Bitbucket Data Center and Server, Crowd Data Center and Server and Jira Service Management Data Center and Server.
Attackers can use the gaps for DoS or even execute malicious code, among other things. Vulnerable editions are available.
(des)
