CVE-2023-22523
HIGHAtlassian Assets Discovery Cloud 1.0.0-3.2.0 & Data Center/Server 1.0.0-3.1.11 - Remote Code Execution
Title source: llmDescription
This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery agent installed. The vulnerability exists between the Assets Discovery application (formerly known as Insight Discovery) and the Assets Discovery agent.
References (2)
Core 2
Core References
Vendor Advisory
https://confluence.atlassian.com/security/cve-2023-22523-rce-vulnerability-in-assets-discovery-1319248914.html
Issue Tracking, Vendor Advisory
https://jira.atlassian.com/browse/JSDSERVER-14925
Scores
CVSS v3
8.8
EPSS
0.0719
EPSS Percentile
91.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
Status
published
Products (3)
atlassian/assets_discovery_cloud
1.0.0 - 3.2.0
atlassian/assets_discovery_data_center
1.0.0 - 3.1.11
atlassian/assets_discovery_data_server
1.0.0 - 3.1.11
Published
Dec 06, 2023
Tracked Since
Feb 18, 2026