CVE-2023-22518 : ATLASSIAN CONFLUENCE DATA CENTER/CONFLUENCE SERVER IMPROPER AUTHORIZATION

Description

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

References

https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907

https://jira.atlassian.com/browse/CONFSERVER-93142

For More Information

CVERecord

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-6514 : HUAWEI AJMD-370S 103.1.0.110(SP12C00E2R1P2) BLUETOOTH MODULE LOGIC ERROR

CVE-2023-6514 : HUAWEI AJMD-370S 103.1.0.110(SP12C00E2R1P2) BLUETOOTH MODULE LOGIC ERROR

Description The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this

CVE-2023-22523 : ATLASSIAN ASSETS DISCOVERY CLOUD ASSETS DISCOVERY AGENT REMOTE CODE EXECUTION

CVE-2023-22523 : ATLASSIAN ASSETS DISCOVERY CLOUD ASSETS DISCOVERY AGENT REMOTE CODE EXECUTION

Description This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets

CVE-2023-49070 : APACHE OFBIZ UP TO 18.12.9 CODE INJECTION

CVE-2023-49070 : APACHE OFBIZ UP TO 18.12.9 CODE INJECTION

Description Pre-auth RCE in Apache Ofbiz 18.12.09. It’s due to XML-RPC no longer maintained still present. This issue affects Apache