{"vulnerability": "CVE-2022-1471", "sightings": [{"uuid": "2c723dd8-e30d-45cf-a86f-8619f9d3f2e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18694", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-1471\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization.\u00a0Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\n\ud83d\udccf Published: 2022-12-01T10:47:07.203Z\n\ud83d\udccf Modified: 2025-06-18T08:32:58.546Z\n\ud83d\udd17 References:\n1. https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2\n2. https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479\n3. https://github.com/mbechler/marshalsec\n4. https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true\n5. https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc\n6. https://security.netapp.com/advisory/ntap-20230818-0015/\n7. http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html\n8. http://www.openwall.com/lists/oss-security/2023/11/19/1\n9. https://security.netapp.com/advisory/ntap-20240621-0006/\n10. https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c\n11. https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html", "creation_timestamp": "2025-06-18T08:42:18.000000Z"}, {"uuid": "41219d81-97b7-4aa0-91a8-a82f72ba2269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/kasperskyb2b/1053", "content": "\ud83d\udc40 \u041c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c Atlassian\n\u043f\u0430\u0442\u0447\u0438\u043c Jira, Confluence \u0438 Bitbucket\n\n\u0427\u0435\u0442\u044b\u0440\u0435 CVE \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 9\u20149.8 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0441\u0440\u043e\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043f\u0430\u0442\u0447\u0435\u0439 \u043a Confluence Data Center and Server, Jira service management cloud, Server &amp; Data cetner, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 SnakeYAML, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0432\u0435\u0440\u0441\u0438\u0439 Jira, Confluecne \u0438 Bitbucket.\n\n\ud83d\udd35 CVE-2023-22522 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432 \u0434\u0430\u043d\u043d\u044b\u0435 Confluence \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d, \u043d\u043e \u0442\u0430\u043c, \u0433\u0434\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0451\u043d \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435, \u044d\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e. \n\n\ud83d\udd35 CVE-2023-22523 RCE \u0432  Assets Discovery agent, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445, \u0433\u0434\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u044d\u0442\u043e \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a Jira Service Management Cloud.  \u041f\u0440\u043e\u0441\u0442\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e, \u043d\u0443\u0436\u043d\u043e \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0430\u0433\u0435\u043d\u0442 \u043d\u0430 \u0432\u0441\u0435\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445, \u0433\u0434\u0435 \u043e\u043d \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d, \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0438, \u0430 \u0437\u0430\u0442\u0435\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0430\u0433\u0435\u043d\u0442 \u0437\u0430\u043d\u043e\u0432\u043e.  \n\n\ud83d\udd35 CVE-2023-22524 RCE \u0432 Atlassian companion app, \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0434\u043b\u044f MacOS \u043a Confluence Server \u0438 Confluence Data Center. \u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438, \u043d\u043e \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043e\u043d\u043e \u0434\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043e. \u0415\u0441\u043b\u0438 \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a \u043d\u0435 \u043f\u043e\u043c\u043e\u0433, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u0430 \u0434\u0435\u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f-\u043a\u043e\u043c\u043f\u0430\u043d\u044c\u043e\u043d\u0430.\n\n\ud83d\udd35 CVE-2022-1471 \u00a0RCE \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 SnakeYAML, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043b\u0438\u043d\u0435\u0439\u043a\u0438 Bitbucket, Confluence \u0438 Jira.  \u0420\u0435\u0439\u0442\u0438\u043d\u0433 9.8, \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 \u043d\u0435\u0442 \u2014 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-12-07T11:09:25.000000Z"}, {"uuid": "0054fa60-45d2-43f7-89b8-2d96425d7643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:42.000000Z"}, {"uuid": "228563e8-96f0-4977-b870-3f5c2ce13a79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "2573f6f5-377c-4812-97c9-b2f78eb0f387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2022-1471", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/12/kritische-sicherheitslucken-in-mehreren-produkten-von-atlassian-patches-verfugbar", "content": "", "creation_timestamp": "2023-12-06T21:41:11.000000Z"}, {"uuid": "dde311c9-b043-4917-b724-c778af4fa540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mak3mpge3r22", "content": "", "creation_timestamp": "2025-12-22T01:32:11.124106Z"}, {"uuid": "8d247958-d5c4-4508-9401-1eb95a5f33e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://gist.github.com/kitherill/35c9211065676c6c258f3a3f1d76a26d", "content": "", "creation_timestamp": "2026-02-11T12:49:28.000000Z"}, {"uuid": "facea22a-5918-480b-b754-0e5fcc6d1b58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_29/2023", "content": "", "creation_timestamp": "2023-12-07T09:23:25.000000Z"}, {"uuid": "d1224ff0-40c3-484a-88a1-974022c057fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/alexmakus/5195", "content": "Atlassian \u043c\u043e\u043b\u043e\u0434\u0446\u044b, \u043d\u0430 9 \u0438\u0437 10 (\u0432 \u0441\u043c\u044b\u0441\u043b\u0435, \u043f\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439) \n\n \u2022 CVE-2023-22522: Template injection flaw allowing authenticated users, including those with anonymous access, to inject unsafe input into a Confluence page (critical, with a 9.0 severity score). The flaw impacts all Confluence Data Center and Server versions after 4.0.0 and up to 8.5.3.\n \u2022 CVE-2023-22523: Privileged RCE in Assets Discovery agent impacting Jira Service Management Cloud, Server, and Data Center (critical, with a 9.8\u00a0severity score). Vulnerable Asset Discovery versions are anything below 3.2.0 for Cloud and 6.2.0 for Data Center and Server.\n \u2022 CVE-2023-22524: Bypass of blocklist and macOS Gatekeeper on the companion app for Confluence Server and Data Center for macOS, impacting all versions of the app prior to 2.0.0 (critical, with a 9.6\u00a0severity score).\n \u2022 CVE-2022-1471: \u00a0RCE in SnakeYAML library impacting multiple versions of Jira, Bitbucket, and Confluence products (critical, with a 9.8\u00a0severity score).", "creation_timestamp": "2023-12-06T18:10:13.000000Z"}, {"uuid": "0b9ccc62-dda7-4b89-a70e-e88bbd4de4ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/KomunitiSiber/1172", "content": "Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution\nhttps://thehackernews.com/2023/12/atlassian-releases-critical-software.html\n\nAtlassian has released software fixes to address\u00a0four critical flaws\u00a0in its software that, if successfully exploited, could result in remote code execution.\nThe list of vulnerabilities is below -\n\nCVE-2022-1471\u00a0(CVSS score: 9.8) - Deserialization vulnerability in\u00a0SnakeYAML library\u00a0that can lead to remote code execution in multiple products\nCVE-2023-22522\u00a0(CVSS score", "creation_timestamp": "2023-12-06T11:01:58.000000Z"}, {"uuid": "e7dad17b-7f89-4194-8038-111269b8f73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9751", "content": "#Offensive_security\n1. Persistence - Windows Event\u00a0Log\nhttps://pentestlab.blog/2024/01/08/persistence-event-log\n2. An overview of SnakeYAML deserialization vulnerabilities (CVE-2022-1471)\nhttps://www.labs.greynoise.io/grimoire/2024-01-03-snakeyaml-deserialization", "creation_timestamp": "2024-01-09T11:04:58.000000Z"}, {"uuid": "90510351-045e-4a0f-878a-bad270f9402e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/10807", "content": "#Threat_Research\nShelltorch Explained:\nMultiple Vulnerabilities in Pytorch Model Server (CVE-2023-43654, CVE-2022-1471)\nhttps://www.oligo.security/blog/shelltorch-explained-multiple-vulnerabilities-in-pytorch-model-server", "creation_timestamp": "2024-07-09T16:07:06.000000Z"}, {"uuid": "c2d581de-eced-428e-82f5-1a92e0704f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "63537f2d-234e-44e3-b977-06acbfd31063", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/torchserver_cve_2023_43654.rb", "content": "", "creation_timestamp": "2023-10-12T16:04:40.000000Z"}, {"uuid": "b883e1e0-e8a4-4091-a3ce-454e575406fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "Telegram/lJbWmBycQ68efBmqsKUbA7FEEJX3-JVKrSRhUZE9c7byOw", "content": "", "creation_timestamp": "2023-12-06T14:30:35.000000Z"}, {"uuid": "e9004789-88e6-4caa-b5c7-8d0e67964511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/true_secator/5170", "content": "Atlassian \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u043c \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n- CVE-2022-1471\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9,8): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 SnakeYAML, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445;\n\n- CVE-2023-22522\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9,0): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Confluence Data Center and Confluence Server (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 4.0.0 \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435);\n\n- CVE-2023-22523\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9,8): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Assets Discovery \u0434\u043b\u044f Jira Service Management Cloud, Server \u0438 Data Center (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 3.2.0-cloud/6.2.0 data center, \u043d\u043e \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0445);\n\n- CVE-2023-22524\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9,6): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 Atlassian Companion \u0434\u043b\u044f macOS (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 2.0.0, \u043a\u0440\u043e\u043c\u0435 2.0.0).\n\nAtlassian \u043e\u043f\u0438\u0441\u0430\u043b\u0430 CVE-2023-22522 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0448\u0430\u0431\u043b\u043e\u043d\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0432\u043e\u0434 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443 Confluence, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Assets Discovery \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u043e\u043c Assets Discovery.\n\nCVE-2023-22524 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f WebSockets \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0447\u0435\u0440\u043d\u043e\u0433\u043e \u0441\u043f\u0438\u0441\u043a\u0430 Atlassian Companion \u0438 \u0437\u0430\u0449\u0438\u0442\u044b macOS Gatekeeper.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0440\u0435\u0448\u0435\u043d\u0438\u044f Atlassian \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0432\u0435\u043a\u0442\u043e\u0440\u0430\u043c\u0438 \u0430\u0442\u0430\u043a, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.", "creation_timestamp": "2023-12-06T16:45:05.000000Z"}, {"uuid": "e2a3c77c-137a-4305-aad7-640cc38141a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/ctinow/180558", "content": "https://ift.tt/J6y4soP\nCVE-2022-1471 | Oracle Communications Service Catalog and Design 7.4.2.8.0 PSR Designer input validation", "creation_timestamp": "2024-02-07T08:11:28.000000Z"}, {"uuid": "1eb3668f-2c15-407c-b328-284572f38fb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/cibsecurity/53754", "content": "\u203c CVE-2022-1471 \u203c\n\nSnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-01T14:30:28.000000Z"}, {"uuid": "1da15188-6e48-4fb9-9a5a-207fb240a632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/GDSpace/962", "content": "\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440 \u043f\u043e \u0418\u0411, \u0432\u044b\u043f\u0443\u0441\u043a \u21166 (08.10.2023). \u0417\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u044d\u043f\u0438\u0437\u043e\u0434. \u0412 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043c\u044b \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u041c\u044b \u044d\u0442\u043e:\n\n\ud83d\udd38 \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u041b\u0435\u043e\u043d\u043e\u0432, \"\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u0440\u043e\u0447\u0435\u0435\"\n\ud83d\udd38 \u041b\u0435\u0432 \u041f\u0430\u043b\u0435\u0439, \"\u0412\u0435\u0441\u0442\u0438 \u0438\u0437 \u041f\u0430\u043b\u0435\u0439\"\n\ud83d\udd38 \u041c\u0430\u043a\u0441\u0438\u043c \u0425\u0430\u0440\u0430\u0441\u043a, \"Global Digital Space\"\n\n00:00 \u0417\u0434\u043e\u0440\u043e\u0432\u0430\u0435\u043c\u0441\u044f, \u0441\u043c\u043e\u0442\u0440\u0438\u043c \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430\u043c \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430\n02:18 \u0421\u0430\u0448\u0430 \u0432\u044b\u0448\u0435\u043b \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0432 Positive Technologies \u0438 \u0447\u0435\u043c \u0436\u0435 \u043e\u043d \u0442\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0437\u0430\u043d\u0438\u043c\u0430\u0442\u044c\u0441\u044f\n04:50 RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Exim (CVE-2023-42115)\n08:16 SSRF/RCE \u0432 TorchServe (CVE-2023-43654, CVE-2022-1471), ShellTorch\n12:05 \u0412 Cisco Emergency Responder \u043d\u0430\u0448\u043b\u0438 root-\u043e\u0432\u044b\u0435 \u0443\u0447\u0451\u0442\u043a\u0438 \u0441 \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438 (CVE-2023-20101)\n16:44 \u041d\u043e\u0432\u044b\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 OpenPubkey\n17:56 EoP \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Atlassian Confluence (CVE-2023-22515)\n23:42 \u0413\u0440\u044f\u0434\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c cURL \u0438 libcurl (CVE-2023-38545)\n27:07 \u041d\u043e\u0432\u0430\u044f bug bounty \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b\n30:32 \u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0431\u0440\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \"\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e\" \u0432\u043d\u043e\u0432\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0430\u0441\u044c DDOS-\u0430\u0442\u0430\u043a\u0435 \u0438\u0437-\u0437\u0430 \u0440\u0443\u0431\u0435\u0436\u0430\n35:22 \u042d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0430 Xiaomi \u0432\u044b\u0448\u043b\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u043f\u043e \u0432\u0441\u0435\u0439 \u0420\u043e\u0441\u0441\u0438\u0438\n36:38 Qualys-\u044b \u043d\u0430\u0440\u0435\u0441\u0435\u0440\u0447\u0438\u043b\u0438 EoP/LPE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e \u0432\u0441\u0435\u0445 Linux-\u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0430\u0445, \u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0432 glibc (CVE-2023-4911)\n39:19 XSpider-\u0443 25 \u043b\u0435\u0442. \u0420\u043e\u0432\u043d\u043e \u043a\u0430\u043a \u0438 \u0432\u0441\u0435\u043c\u0443 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u043c\u0443 Vulnerability Management-\u0443. \u041e\u0431\u0441\u0443\u0436\u0434\u0430\u0435\u043c \u0432 \u043a\u0430\u043a\u0443\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u0443 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0435\u0442\u0441\u044f VM.\n46:42 \u041f\u0440\u043e\u0449\u0430\u043d\u0438\u0435 \u043e\u0442 Mr. X\n\n@avleonovrus #\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440\u041f\u043e\u0418\u0411 #PositiveTechnologies #Exim #TorchServe #Cisco #OpenPubkey #Atlassian #Confluence #cURL #libcurl #bugbounty #\u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b #\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e #Xiaomi #Qualys #Linux #glibc #XSpider #VulnerabilityManagement #MaxPatrolVM", "creation_timestamp": "2023-10-09T21:14:14.000000Z"}, {"uuid": "ab370dc0-6582-479f-8838-a3d197b15327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/CNArsenal/2769", "content": "https://www.oligo.security/blog/shelltorch-explained-multiple-vulnerabilities-in-pytorch-model-server\n\nPyTorch (TorchServe) ShellTorch vulnerabilities CVE-2023-43654 (CVSS: 9.8) and CVE-2022-1471 (CVSS: 9.9)\n#\u5206\u6790", "creation_timestamp": "2024-07-09T08:16:59.000000Z"}, {"uuid": "38dfdcfd-cbcc-4414-a52a-fc71236a9da3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-1471", "type": "seen", "source": "https://t.me/Rootsec_2/2448", "content": "#Offensive_security\n1. Persistence - Windows Event\u00a0Log\nhttps://pentestlab.blog/2024/01/08/persistence-event-log\n2. An overview of SnakeYAML deserialization vulnerabilities (CVE-2022-1471)\nhttps://www.labs.greynoise.io/grimoire/2024-01-03-snakeyaml-deserialization", "creation_timestamp": "2024-08-16T09:01:19.000000Z"}]}