repostbot33@lemmy.worldB to

netsec@lemmy.worldEnglish · 1 year ago

Critical Provesc Zero Day in Confluence

confluence.atlassian.com

1

cross-posted to:
[email protected]

4

Critical Provesc Zero Day in Confluence

confluence.atlassian.com

repostbot33@lemmy.worldB to

netsec@lemmy.worldEnglish · 1 year ago

1

cross-posted to:
[email protected]

CVE-2023-22515 - Privilege Escalation Vulnerability in Confluence Data Center and Server | Atlassian Support | Atlassian Documentation

confluence.atlassian.com

Chat

sun_is_ra
link
fedilink
English
arrow-up
2·
1 year ago

a local attacker could exploit the shortcoming to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.