CVE-2023-22523
published 2023-12-06CVE-2023-22523: This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed…
PriorityP264high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
11.15%
95.4th percentile
This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent.
Affected
57 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
| atlassian | assets_discovery_cloud | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for privileged RCE activity originating from or targeting hosts running the Assets Discovery agent (formerly Insight Discovery), as exploitation occurs over the agent communication channel. ↗
- →Alert on unexpected or anomalous traffic on TCP/UDP port 51337, which is the default communication port between the Assets Discovery application and its agents; unauthorized access to this port is the attack vector for CVE-2023-22523. ↗
- →Identify hosts running Assets Discovery agent versions below 3.2.0 (Cloud) or below 6.2.0 (Data Center/Server) as unpatched and vulnerable to exploitation. ↗
- ·The default agent communication port (51337) should be blocked at the network perimeter as a temporary mitigation if patching cannot be applied immediately; this is Atlassian's official interim workaround. ↗
- ·Atlassian confirmed none of the four CVEs, including CVE-2023-22523, were observed being exploited in the wild at time of advisory publication — however, the high CVSS score (9.8) and wide corporate deployment of Jira Service Management warrant urgent prioritization. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Checkpoint
11th December – Threat Intelligence Report
blogs_checkpoint·2023-12-11
CVE-2023-40088 11th December – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 11th December – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 11th December, please download our Threat_Intelligence Bulletin .
TOP ATTACKS AND BREACHES
The American Greater Richmond Transit Company (GRTC), which provides services for millions of people, has been a victim of cyber-attack that impacted certain applications and parts of the GRTC network. The Play ransomware gang claimed responsibility for the attack.
Check Point Harmony Endpoint and Threat Emulation prov
Bleepingcomputer
Atlassian patches critical RCE flaws across multiple products
blogs_bleepingcomputer·2023-12-06·CVSS 8.3
[HIGH] Atlassian patches critical RCE flaws across multiple products
## Atlassian patches critical RCE flaws across multiple products
## Bill Toulas
Atlassian has published security advisories for four critical remote code execution (RCE) vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with a companion app for macOS.
All security issues addressed received a critical-severity score of at least 9.0 out of 10, based on Atlassian's internal assessment. However, the company advises companies to evaluate applicability according to their IT environment.
The company marked none of the security issues as being exploited in the wild. However, due to the popularity of Atlassian products and their extensive deployment in corporate environments, system administrators should prioritize applying the available updates.
The set of four RCE vuln
https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.htmlhttps://jira.atlassian.com/browse/JSDSERVER-14925https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.htmlhttps://jira.atlassian.com/browse/JSDSERVER-14925
2023-12-06
Published