Search
Find a vulnerability
Search criteria
2 vulnerabilities found for assets_discovery_data_server by atlassian
CVE-2023-22523 (GCVE-0-2023-22523)
Vulnerability from nvd – Published: 2023-12-06 05:00 – Updated: 2026-02-25 16:52
VLAI
Summary
This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- RCE (Remote Code Execution)
- CWE-noinfo Not enough information
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Atlassian | Assets Discovery Cloud |
Unaffected:
< 1.0.0
Affected: >= 1.0.0 Affected: >= 1.5.7.0 Affected: >= 1.5.7.1 Affected: >= 1.5.7.3 Affected: >= 1.5.7.4 Affected: >= 1.6.1.2 Affected: >= 1.6.2.0 Affected: >= 1.6.3.0 Affected: >= 1.6.4.0 Affected: >= 1.6.4.4 Affected: >= 1.7.0.0 Affected: >= 1.7.1.0 Affected: >= 1.7.2.0 Affected: >= 1.8.0.0 Affected: >= 1.8.1.1 Affected: >= 1.8.1.2 Affected: >= 1.8.1.3 Affected: >= 1.8.1.4 Affected: >= 1.8.1.5 Affected: >= 1.8.2.0 Affected: >= 2.0.0.0 Affected: >= 3.1.0 Affected: >= 3.1.1 Affected: >= 3.1.10 Affected: >= 3.1.11 Affected: >= 3.1.2 Affected: >= 3.1.3 Affected: >= 3.1.4 Affected: >= 3.1.5 Affected: >= 3.1.6 Affected: >= 3.1.7 Affected: >= 3.1.8 Affected: >= 3.1.9 Unaffected: >= 3.2.0 |
|
| Atlassian | Assets Discovery Data Center |
Unaffected:
< 1.0.0
Affected: >= 1.0.0 Affected: >= 3.1.0 Affected: >= 3.1.1 Affected: >= 3.1.10 Affected: >= 3.1.11 Affected: >= 3.1.2 Affected: >= 3.1.3 Affected: >= 3.1.4 Affected: >= 3.1.5 Affected: >= 3.1.6 Affected: >= 3.1.7 Affected: >= 3.1.9 Affected: >= 6.0.0 Affected: >= 6.1.10 Affected: >= 6.1.11 Affected: >= 6.1.12 Affected: >= 6.1.13 Affected: >= 6.1.14 Affected: >= 6.1.9 Unaffected: >= 6.2.0 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:48.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/JSDSERVER-14925"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22523",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-14T05:00:08.551203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T16:52:39.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Assets Discovery Cloud",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.0"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.1"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.3"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.4"
},
{
"status": "affected",
"version": "\u003e= 1.6.1.2"
},
{
"status": "affected",
"version": "\u003e= 1.6.2.0"
},
{
"status": "affected",
"version": "\u003e= 1.6.3.0"
},
{
"status": "affected",
"version": "\u003e= 1.6.4.0"
},
{
"status": "affected",
"version": "\u003e= 1.6.4.4"
},
{
"status": "affected",
"version": "\u003e= 1.7.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.7.1.0"
},
{
"status": "affected",
"version": "\u003e= 1.7.2.0"
},
{
"status": "affected",
"version": "\u003e= 1.8.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.1"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.2"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.3"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.4"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.5"
},
{
"status": "affected",
"version": "\u003e= 1.8.2.0"
},
{
"status": "affected",
"version": "\u003e= 2.0.0.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.1"
},
{
"status": "affected",
"version": "\u003e= 3.1.10"
},
{
"status": "affected",
"version": "\u003e= 3.1.11"
},
{
"status": "affected",
"version": "\u003e= 3.1.2"
},
{
"status": "affected",
"version": "\u003e= 3.1.3"
},
{
"status": "affected",
"version": "\u003e= 3.1.4"
},
{
"status": "affected",
"version": "\u003e= 3.1.5"
},
{
"status": "affected",
"version": "\u003e= 3.1.6"
},
{
"status": "affected",
"version": "\u003e= 3.1.7"
},
{
"status": "affected",
"version": "\u003e= 3.1.8"
},
{
"status": "affected",
"version": "\u003e= 3.1.9"
},
{
"status": "unaffected",
"version": "\u003e= 3.2.0"
}
]
},
{
"product": "Assets Discovery Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.1"
},
{
"status": "affected",
"version": "\u003e= 3.1.10"
},
{
"status": "affected",
"version": "\u003e= 3.1.11"
},
{
"status": "affected",
"version": "\u003e= 3.1.2"
},
{
"status": "affected",
"version": "\u003e= 3.1.3"
},
{
"status": "affected",
"version": "\u003e= 3.1.4"
},
{
"status": "affected",
"version": "\u003e= 3.1.5"
},
{
"status": "affected",
"version": "\u003e= 3.1.6"
},
{
"status": "affected",
"version": "\u003e= 3.1.7"
},
{
"status": "affected",
"version": "\u003e= 3.1.9"
},
{
"status": "affected",
"version": "\u003e= 6.0.0"
},
{
"status": "affected",
"version": "\u003e= 6.1.10"
},
{
"status": "affected",
"version": "\u003e= 6.1.11"
},
{
"status": "affected",
"version": "\u003e= 6.1.12"
},
{
"status": "affected",
"version": "\u003e= 6.1.13"
},
{
"status": "affected",
"version": "\u003e= 6.1.14"
},
{
"status": "affected",
"version": "\u003e= 6.1.9"
},
{
"status": "unaffected",
"version": "\u003e= 6.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bug Bounty"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "RCE (Remote Code Execution)",
"lang": "en",
"type": "RCE (Remote Code Execution)"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-06T15:30:00.483Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html"
},
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-14925"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22523",
"datePublished": "2023-12-06T05:00:02.793Z",
"dateReserved": "2023-01-01T00:01:22.333Z",
"dateUpdated": "2026-02-25T16:52:39.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-22523 (GCVE-0-2023-22523)
Vulnerability from cvelistv5 – Published: 2023-12-06 05:00 – Updated: 2026-02-25 16:52
VLAI
Summary
This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- RCE (Remote Code Execution)
- CWE-noinfo Not enough information
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Atlassian | Assets Discovery Cloud |
Unaffected:
< 1.0.0
Affected: >= 1.0.0 Affected: >= 1.5.7.0 Affected: >= 1.5.7.1 Affected: >= 1.5.7.3 Affected: >= 1.5.7.4 Affected: >= 1.6.1.2 Affected: >= 1.6.2.0 Affected: >= 1.6.3.0 Affected: >= 1.6.4.0 Affected: >= 1.6.4.4 Affected: >= 1.7.0.0 Affected: >= 1.7.1.0 Affected: >= 1.7.2.0 Affected: >= 1.8.0.0 Affected: >= 1.8.1.1 Affected: >= 1.8.1.2 Affected: >= 1.8.1.3 Affected: >= 1.8.1.4 Affected: >= 1.8.1.5 Affected: >= 1.8.2.0 Affected: >= 2.0.0.0 Affected: >= 3.1.0 Affected: >= 3.1.1 Affected: >= 3.1.10 Affected: >= 3.1.11 Affected: >= 3.1.2 Affected: >= 3.1.3 Affected: >= 3.1.4 Affected: >= 3.1.5 Affected: >= 3.1.6 Affected: >= 3.1.7 Affected: >= 3.1.8 Affected: >= 3.1.9 Unaffected: >= 3.2.0 |
|
| Atlassian | Assets Discovery Data Center |
Unaffected:
< 1.0.0
Affected: >= 1.0.0 Affected: >= 3.1.0 Affected: >= 3.1.1 Affected: >= 3.1.10 Affected: >= 3.1.11 Affected: >= 3.1.2 Affected: >= 3.1.3 Affected: >= 3.1.4 Affected: >= 3.1.5 Affected: >= 3.1.6 Affected: >= 3.1.7 Affected: >= 3.1.9 Affected: >= 6.0.0 Affected: >= 6.1.10 Affected: >= 6.1.11 Affected: >= 6.1.12 Affected: >= 6.1.13 Affected: >= 6.1.14 Affected: >= 6.1.9 Unaffected: >= 6.2.0 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:48.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/JSDSERVER-14925"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22523",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-14T05:00:08.551203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T16:52:39.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Assets Discovery Cloud",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.0"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.1"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.3"
},
{
"status": "affected",
"version": "\u003e= 1.5.7.4"
},
{
"status": "affected",
"version": "\u003e= 1.6.1.2"
},
{
"status": "affected",
"version": "\u003e= 1.6.2.0"
},
{
"status": "affected",
"version": "\u003e= 1.6.3.0"
},
{
"status": "affected",
"version": "\u003e= 1.6.4.0"
},
{
"status": "affected",
"version": "\u003e= 1.6.4.4"
},
{
"status": "affected",
"version": "\u003e= 1.7.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.7.1.0"
},
{
"status": "affected",
"version": "\u003e= 1.7.2.0"
},
{
"status": "affected",
"version": "\u003e= 1.8.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.1"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.2"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.3"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.4"
},
{
"status": "affected",
"version": "\u003e= 1.8.1.5"
},
{
"status": "affected",
"version": "\u003e= 1.8.2.0"
},
{
"status": "affected",
"version": "\u003e= 2.0.0.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.1"
},
{
"status": "affected",
"version": "\u003e= 3.1.10"
},
{
"status": "affected",
"version": "\u003e= 3.1.11"
},
{
"status": "affected",
"version": "\u003e= 3.1.2"
},
{
"status": "affected",
"version": "\u003e= 3.1.3"
},
{
"status": "affected",
"version": "\u003e= 3.1.4"
},
{
"status": "affected",
"version": "\u003e= 3.1.5"
},
{
"status": "affected",
"version": "\u003e= 3.1.6"
},
{
"status": "affected",
"version": "\u003e= 3.1.7"
},
{
"status": "affected",
"version": "\u003e= 3.1.8"
},
{
"status": "affected",
"version": "\u003e= 3.1.9"
},
{
"status": "unaffected",
"version": "\u003e= 3.2.0"
}
]
},
{
"product": "Assets Discovery Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.0"
},
{
"status": "affected",
"version": "\u003e= 3.1.1"
},
{
"status": "affected",
"version": "\u003e= 3.1.10"
},
{
"status": "affected",
"version": "\u003e= 3.1.11"
},
{
"status": "affected",
"version": "\u003e= 3.1.2"
},
{
"status": "affected",
"version": "\u003e= 3.1.3"
},
{
"status": "affected",
"version": "\u003e= 3.1.4"
},
{
"status": "affected",
"version": "\u003e= 3.1.5"
},
{
"status": "affected",
"version": "\u003e= 3.1.6"
},
{
"status": "affected",
"version": "\u003e= 3.1.7"
},
{
"status": "affected",
"version": "\u003e= 3.1.9"
},
{
"status": "affected",
"version": "\u003e= 6.0.0"
},
{
"status": "affected",
"version": "\u003e= 6.1.10"
},
{
"status": "affected",
"version": "\u003e= 6.1.11"
},
{
"status": "affected",
"version": "\u003e= 6.1.12"
},
{
"status": "affected",
"version": "\u003e= 6.1.13"
},
{
"status": "affected",
"version": "\u003e= 6.1.14"
},
{
"status": "affected",
"version": "\u003e= 6.1.9"
},
{
"status": "unaffected",
"version": "\u003e= 6.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bug Bounty"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "RCE (Remote Code Execution)",
"lang": "en",
"type": "RCE (Remote Code Execution)"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-06T15:30:00.483Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html"
},
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-14925"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22523",
"datePublished": "2023-12-06T05:00:02.793Z",
"dateReserved": "2023-01-01T00:01:22.333Z",
"dateUpdated": "2026-02-25T16:52:39.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}