Kindly help to assess if there is any impact on Dollar-U with below mentioned CVE's
we have received 2 security advisories. Kindly help to check and assess if there is any impact on the tool:
1. New Security Incident: (INC-1927195) Hundreds of Elasticsearch databases targeted in ransom attacks
2.We have received an advisory from US-Cert “Atlassian Releases Security Updates for Confluence Server and Data Center, CVE-2022-26134”.
Full details are provided below:
-------------------------------------------------------------------------------------------------
New Security Incident: (INC-1927195) Hundreds of Elasticsearch databases targeted in ransom attacks
We have received an advisory from Infosec team. PFB:
Hackers have targeted poorly secured Elasticsearch databases and replaced 450 indexes with ransom notes asking for $620 to restore contents, amounting to a total demand of $279,000.
According to Secureworks, the threat actors use an automated script to parse unprotected databases, wipe their data, and add the ransom, so there doesn’t appear to be any manual engagement in this operation.
Reference Link: https://www.bleepingcomputer.com/news/security/hundreds-of-elasticsearch-databases-targeted-in-ransom-attacks/
https://www.secureworks.com/blog/unsecured-elasticsearch-data-replaced-with-ransom-note
-------------------------------------------------------------------------------------------
“Atlassian Releases Security Updates for Confluence Server and Data Center, CVE-2022-26134”.
Atlassian has released a security advisory to address a remote code execution vulnerability (CVE-2022-26134) affecting Confluence Server and Data Center products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely. Atlassian reports that there is known exploitation of this vulnerability. There are currently no updates available. Atlassian is working to issue an update.
Reference links: Atlassian Releases Security Updates for Confluence Server and Data Center, CVE-2022-26134 | CISA
Confluence Security Advisory 2022-06-02 | Confluence Data Center and Server 7.18 | Atlassian Documentation
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html?fireglass_rsn=true#fireglass_params&tabid=a74dffdc2eadd902&start_with_session_counter=3&application_server_address=isolation-sgx3.wss.prod.fire.glass
https://www.cisa.gov/uscert/ncas/current-activity/2022/06/02/atlassian-releases-security-updates-confluence-server-and-data
Release : 6.x
Component : CA Automic Dollar Universe
1. New Security Incident: (INC-1927195) Hundreds of Elasticsearch databases targeted in ransom attacks
2.We have received an advisory from US-Cert “Atlassian Releases Security Updates for Confluence Server and Data Center, CVE-2022-26134”.