Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Atlassian fixed critical flaws in Confluence and Crowd

Australian software firm Atlassian patched 12 critical and high-severity flaws in Bamboo, Bitbucket, Confluence, Crowd, and Jira. Software firm Atlassian released security patches to address 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira products. The most severe vulnerabilities addressed by the company are: CVE-2024-50379 – (CVSS score of 9.8) – RCE […]

Atlassian Confluence CVE-2023-22515

Australian software firm Atlassian patched 12 critical and high-severity flaws in Bamboo, Bitbucket, Confluence, Crowd, and Jira.

Software firm Atlassian released security patches to address 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira products.

The most severe vulnerabilities addressed by the company are:

CVE-2024-50379 – (CVSS score of 9.8) – RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server in Confluence Data Center. The flaw is a TOCTOU race condition in Apache Tomcat that allows RCE on case-insensitive file systems with a non-default write-enabled servlet. Update to 11.0.2, 10.1.34, or 9.0.98.

CVE-2024-56337 – (CVSS score of 9.8) – RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server. The flaw is an Apache Tomcat’s TOCTOU vulnerability, caused by incomplete mitigation for CVE-2024-50379. The vulnerability requires extra config on case-insensitive file systems. Fix in 11.0.3, 10.1.35, 9.0.99.

CVE-2024-52316 – (CVSS score of 9.8) – BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server. An unchecked error in Apache Tomcat’s Jakarta Authentication may allow auth bypass if a custom ServerAuthContext fails without setting an HTTP status. Affects versions 9.0.0-M1–9.0.95, 10.1.0-M1–10.1.30, 11.0.0-M1–11.0.0-M26. Upgrade to 9.0.96, 10.1.31, or 11.0.0.

CVE-2024-50379 – (CVSS score of 9.8) – A TOCTOU race condition in Apache Tomcat allows RCE on case-insensitive file systems. Affects versions 9.0.0.M1-9.0.97, 10.1.0-M1-10.1.33, 11.0.0-M1-11.0.1. Upgrade to 9.0.98, 10.1.34, or 11.0.2.

CVE-2024-56337 – (CVSS score of 9.8) – Apache Tomcat’s TOCTOU race condition (CVE-2024-50379) fix was incomplete. Affects versions 9.0.0-M1–9.0.97, 10.1.0-M1–10.1.33, 11.0.0-M1–11.0.1. Users on case-insensitive file systems with write-enabled default servlet need additional Java-specific mitigations. Fixed in Tomcat 9.0.99, 10.1.35, and 11.0.3.

The company did not disclose whether these flaws have been exploited in attacks in the wild.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Atlassian)