Atlassian has issued patches for two dozen vulnerabilities in its Bamboo, Bitbucket, Confluence, and Jira products, including a critical-severity bug that can be exploited without user interaction.
The critical-severity flaw, identified as CVE-2024-1597 (CVSS score of 10) and described as a SQL injection issue, affects the org.postgresql:postgresql third-party dependency of Bamboo Data Center and Server.
According to Atlassian, the vulnerability “could allow an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.”
Read More: Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.