Topics
late
AI
Amazon
Image Credits:William West(opens in a new window)/ Getty Images
Apps
Biotech & Health
Climate
Image Credits:William West(opens in a new window)/ Getty Images
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
Fundraising
Gadgets
gage
Government & Policy
ironware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
Social
blank space
startup
TikTok
Transportation
speculation
More from TechCrunch
case
Startup Battlefield
StrictlyVC
Podcasts
video
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
Australian software giant star Atlassian has warned of a vital security measure fault that could lead to “ meaning information loss ” for customer , just weeks after country - backed hackers targeted its product .
This late vulnerability , chase after as CVE-2023 - 22518 and rated 9.1 out of 10 on the vulnerability severity marking system , has been draw as an example of “ improper sanction vulnerability . ” Atlassian has warned that it could lead to “ significant information loss if tap by an unauthenticated aggressor . ”
The company has n’t detailed how the fault can help information going , and Atlassian spokesperson Ana Keltchina did n’t directly respond to TechCrunch ’s doubtfulness .
Atlassian noted that there were no reports of active using as of October 31 and state there is “ no impact to confidentiality as an aggressor can not exfiltrate any instance data point . ” Atlassian Cloud sites access via an atlassian.net domain are also unaffected by this exposure , Atlassian said .
The company ’s advisory included a message from Atlassian CISO Bala Sathiamurthy , who say that while the defect is not yet being actively exploit , customers must take “ prompt action ” to protect their example .
The advisory warns that all publicly accessible Confluence Data Center and Server versions “ are at critical risk and require immediate attention . ” Atlassian urge administrators to upgrade to a furbish up variant without hold , and say that if that is not possible , temporary palliation must be applied .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
“ example approachable to the public internet , including those with substance abuser authentication , should be trammel from external mesh access code until you may patch , ” the troupe added .
originally this month , Atlassian announced its plans toacquire TV messaging service Loom for $ 975 million . The company say it believe that Loom can be a useful collaboration tool for its platform , especially Jira and Confluence .
Barracuda urge client to get rid of and replace vulnerable hardware exploit by hackers
