Atlassian, Splunk Patch High-Severity Vulnerabilities

December 11, 2024 at 08:03AM

Atlassian and Splunk issued patches for numerous vulnerabilities in their products. Atlassian fixed 10 high-severity flaws in various Data Center and Server applications, while Splunk addressed over 15 vulnerabilities, including a high-severity issue in its Secure Gateway app. Users are urged to update promptly; no exploits have been reported.

**Meeting Takeaways: Atlassian and Splunk Security Updates**

1. **Atlassian Patches:**
   - **Overview:** Atlassian has addressed over 10 high-severity vulnerabilities in various products.
   - **Products Affected:**
     - **Bamboo Data Center and Server:** 5 bugs patched in Apache Commons Compress, AWS SDK for Java, Bouncy Castle APIs, Apache Tomcat, and Connect2id Nimbus JOSE+JWT.
     - **Bitbucket Data Center and Server:** Flaws in Hazelcast, the Micromatch package, and the Spring framework resolved.
     - **Confluence Data Center and Server:** Updates for Apache Commons Compress, Hazelcast, the Minimatch package, and the JSON5 library.
   - **Action Required:** Users are advised to update their instances promptly, though no exploitation of these vulnerabilities has been reported.

2. **Splunk Patches:**
   - **Overview:** Splunk published seven security advisories covering more than 15 vulnerabilities, including a notable high-severity issue.
   - **Key Vulnerability:**
     - **CVE-2024-53247 (CVSS score 8.8):** Deserialization of untrusted data in the Secure Gateway app, allowing code execution by low-privileged users; the issue is linked to the jsonpickle Python library.
   - **Products Affected:**
     - **Splunk Enterprise Versions:** Patches released for versions 9.3.2, 9.2.4, and 9.1.7.
     - Fixes also provided for other medium- and low-severity flaws affecting the Dashboards, Search, and Web components.
   - **Clarification:** Universal Forwarder is not affected by a low-severity defect in OpenSSL (CVE-2024-5535).
   - **Action Required:** Users should review Splunk's advisories page for more detailed information; there are no reports of these vulnerabilities being exploited in the wild.

3. **Additional Notes:**
   - Both companies encourage immediate updates to mitigate risks associated with the identified vulnerabilities.
   - Related vulnerabilities and patches from Ivanti, SailPoint, and other products were also briefly mentioned during the meeting.
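
The Splunk item above is a classic deserialization-of-untrusted-data bug: jsonpickle documents can carry type tags (`py/object`, `py/reduce`, and similar) that instruct the decoder to reconstruct Python objects instead of returning plain data. The example below is added here for illustration and is not code from the article, from Splunk, or from the jsonpickle project. It shows the defensive pattern of parsing input with the standard `json` module (which never instantiates classes) and rejecting any document that contains jsonpickle reconstruction tags, reporting where they were found. The tag list, the `load_untrusted_json` function name, and the sample inputs are assumptions of this example.

```python
import json
from typing import Any, List

# Tags that tell jsonpickle to rebuild a Python object rather than plain data.
# This list is an assumption of the example (the commonly documented markers),
# not something taken from the Splunk advisory.
JSONPICKLE_TAGS = {
    "py/object", "py/type", "py/reduce", "py/function", "py/repr",
    "py/state", "py/newargs", "py/newargsex", "py/id", "py/set",
    "py/tuple", "py/b64", "py/bytes", "py/seq", "py/iterator",
    "py/property", "py/module",
}


def find_pickle_tags(node: Any, path: str = "$") -> List[str]:
    """Walk already-parsed JSON and return JSONPath-like locations of any
    jsonpickle reconstruction tags, so a rejected document can be logged."""
    found: List[str] = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if isinstance(key, str) and key in JSONPICKLE_TAGS:
                found.append(child)
            found.extend(find_pickle_tags(value, child))
    elif isinstance(node, list):
        for index, item in enumerate(node):
            found.extend(find_pickle_tags(item, f"{path}[{index}]"))
    return found


def load_untrusted_json(text: str) -> Any:
    """Safe loader for data from a low-privileged or external source.

    json.loads only ever produces dicts, lists, strings, numbers, booleans and
    None; it cannot instantiate classes. Any document that nevertheless carries
    jsonpickle tags is refused outright instead of being handed to a decoder
    that would honour them.
    """
    data = json.loads(text)
    hits = find_pickle_tags(data)
    if hits:
        raise ValueError("refusing object-reconstruction tags at: " + ", ".join(hits))
    return data


# Constructed sample inputs (not real Secure Gateway traffic).
BENIGN_DOC = '{"user": "alice", "roles": ["viewer"], "theme": {"dark": true}}'
TAGGED_DOC = '{"user": "alice", "session": [{"py/object": "placeholder.Class"}]}'


def demo() -> dict:
    """Run both samples and report which one was accepted."""
    result = {"benign_accepted": False, "tagged_rejected": False, "tag_paths": []}
    result["benign_accepted"] = load_untrusted_json(BENIGN_DOC)["user"] == "alice"
    try:
        load_untrusted_json(TAGGED_DOC)
    except ValueError:
        result["tagged_rejected"] = True
        result["tag_paths"] = find_pickle_tags(json.loads(TAGGED_DOC))
    return result


if __name__ == "__main__":
    print(demo())
```

The check is deliberately performed on the output of `json.loads` rather than by string matching, so tags hidden through escaping or whitespace are still caught, and the returned paths give an operator something concrete to log and alert on.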

**Conclusion:** Prompt updates are vital for both Atlassian and Splunk users to ensure system integrity and security. Further details can be found in respective security bulletins and advisories.
