CVE-2023-22524

Description

Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and MacOS Gatekeeper to allow execution of code.

NVD
Severity: CRITICAL
CVE ID: CVE-2023-22524
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Atlassian
Severity: CRITICAL
CVE ID: CVE-2023-22524
CVSS Score: 9.6
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

imperva

Refrence: GitHub

ron-imperva

Atlassian Companion RCE Vulnerability Proof of Concept

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept