9.8

CVE-2023-22523

EPSS 11.15%
Veröffentlicht 06.12.2023 05:15:10
Zuletzt bearbeitet 21.11.2024 07:44:58
Quelle security@atlassian.com
CVE-Watchlists
Login
Unerledigt
Login

This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

NVD 5 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Atlassian ≫ Assets Discovery Cloud Version >= 1.0.0 < 3.2.0

Atlassian ≫ Assets Discovery Data Center Version >= 1.0.0 <= 3.1.11

Atlassian ≫ Assets Discovery Data Center Version >= 6.0.0 < 6.2.0

Atlassian ≫ Assets Discovery Data Server Version >= 1.0.0 <= 3.1.11

Atlassian ≫ Assets Discovery Data Server Version >= 6.0.0 < 6.2.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	11.15%	0.954

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security@atlassian.com	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html

Vendor Advisory

https://jira.atlassian.com/browse/JSDSERVER-14925

Vendor Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2023-22523

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-22523

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-22523

EUVD