CVE-2023-22524
Description
Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and MacOS Gatekeeper to allow execution of code.
NVD
Severity: CRITICAL
CVE ID: CVE-2023-22524
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Atlassian
Severity: CRITICAL
CVE ID: CVE-2023-22524
CVSS Score: 9.6
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Proof Of Concept
imperva
Refrence: GitHub
ron-imperva
Atlassian Companion RCE Vulnerability Proof of Concept
Refrence: GitHub