Sign in / up

back to article Patch now: Critical VMware, Atlassian flaws found

VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment. First off, a pair of issues from Atlassian. Most serious is CVE-2023-22527, a template injection flaw that can allow unauthenticated remote code …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Holmes

    What does Confluence Data Center even do ?

    Confluence Data Center is a self-managed solution that provides you with the additional configuration options you need to meet the collaboration needs of the most demanding teams. This page provides an overview of options and considerations for large enterprises using Confluence.”

    1 0 Reply
    1. Claptrap314 Silver badge
      Reply Icon
      Devil

      Re: What does Confluence Data Center even do ?

      With this bug, I would say, "Whatever an attacker wants"...

      7 0 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: What does Confluence Data Center even do ?

      Confluence is a glorified wiki.

      Confluence Datacenter is the eye-wateringly priced replacement for the server version, for anyone daring/daft enough to want to host the thing themselves, rather than handing their IPR over to Atlassian.

      4 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: What does Confluence Data Center even do ?

        "Con-fluence".

        As in "who conned management into buying this bloody thing?"

        4 1 Reply
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Re: What does Confluence Data Center even do ?

          I see Microsoft still have accounts here...

          0 1 Reply
  2. CowHorseFrog Silver badge

    Atlassian must be proud its been at least 7d since their last take over everything exploit.

    Its a small wonder why any company would continue to use their products given their total disregard for security.

    1 1 Reply
    1. Bitsminer Silver badge
      Reply Icon

      another CVE metric?

      Your comment brings to mind a very common metric in the chemicals and manufacturing industries.

      "Days since a lost-time accident." Where "lost-time" means an employee required medical attention taking them away from work.

      I guess Windows would be around 3 or 4 days. Atlassian a week.

      1 0 Reply
      1. CowHorseFrog Silver badge
        Reply Icon

        Re: another CVE metric?

        All true, but Windows is magnitudes more complex than any single or even all Atlassian products.

        0 1 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like