Insufficient Granularity of Access Control

Overview Affected versions of this package are vulnerable to Insufficient Granularity of Access Control in the asset dependency graph. An attacker can gain unauthorized access to the existence and names of DAGs and assets outside their authorized scope by leveraging read access to at least one DA...

EUVD-2023-26663

Malicious code in bioql PyPI...

EUVD-2024-19298

Malicious code in bioql PyPI...

CVE-2023-22523

This vulnerability, if exploited, allows an attacker to perform privileged RCE Remote Code Execution on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application formerly known as Insight Discovery and the Assets Discovery agent...

CVE-2024-21682

This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or...

Atlassian Jira Service Management Assets Discovery < 6.2.1 (JSDSERVER-15067)

The version of the Atlassian Jira Service Management Assets Discovery formerly Insight Discovery app running on the host is affected by a vulnerability as referenced in the JSDSERVER-15067 advisory. - This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all...

CVE-2024-21682

This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or...

CVE-2024-21682

This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or...

Design/Logic Flaw

This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or...

CVE-2024-21682

This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or...

CVE-2024-21682

This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or...

CVE-2024-21682

CVE-2024-21682 affects Atlassian Jira Service Management Assets Discovery (formerly Insight Discovery) versions 1.0 through 6.2.0. The vulnerability is an authenticated injection that lets an attacker modify the actions of a system call, with high impact on confidentiality, integrity, and availab...

Atlassian Assets Discovery Security Vulnerability

Atlassian Assets Discovery is an agentless network scanner from Atlassian Australia. A security vulnerability exists in Atlassian Assets Discovery versions 1.0 through 6.2.0, which stems from the presence of an injection vulnerability that could allow an authenticated attacker to modify system ca...

PT-2024-2154 · Atlassian · Jira Service Management Server +1

Name of the Vulnerable Software and Affected Versions: Assets Discovery versions 1.0 through 6.2.0 Description: This issue allows an authenticated attacker to modify system calls, potentially impacting confidentiality, integrity, and availability. It requires no user interaction. Assets Discovery...

Injection Vulnerability in Assets Discovery

This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 all versions. h3. What is Assets Discovery Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Manageme...

Atlassian Releases Security Advisories for Multiple Products

Atlassian has released security updates to address vulnerabilities affecting multiple Atlassian products. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply th...

Atlassian Jira Assets Discovery Installed

Binary data atlassianjiraassetsdiscoverywininstalled.nbin...

Atlassian Jira Service Management Assets Discovery < 6.2.0 (JSDSERVER-14925)

The version of the Atlassian Jira Service Management Assets Discovery formerly Insight Discovery app running on the remote host is prior to 6.2.0. It is, therefore, affected by a remote code execution vulnerability as referenced in the JSDSERVER-14925 advisory. The vulnerability exists between th...

Vulnerability fixed in Atlassian Jira

Atlassian has fixed a vulnerability in Jira Assets Discovery. A malicious person with access to the connection between the Assets Discovery Agent and the Assets Discovery application, can exploit the exploit the vulnerability to execute arbitrary code on the system where the Assets Discovery Agen...

CVE-2023-22523

This vulnerability, if exploited, allows an attacker to perform privileged RCE Remote Code Execution on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application formerly known as Insight Discovery and the Assets Discovery agent...