Khamphani ea software ea Australia ea Atlassian e fane ka temoso ea bohlokoa mabapi le phoso e kholo ea ts'ireletso, e lateloang joalo ka CVE-2023-22518, e amang Confluence Data Center le Server. Phoso ena e na le monyetla oa ho lebisa tahlehelong e kholo ea data haeba e sebelisoa ke mohlaseli ea sa lumelloeng. Ka lintlha tse phahameng tsa CVSS tsa 9.1 ho tse 10, tlokotsi ena e oela tlas'a sehlopha sa "bothata bo sa lokelang ba tumello."
The Scope of CVE-2023-22518 Vulnerability
Tšusumetso ea CVE-2023-22518 e hole, e ama mefuta eohle ea Confluence Data Center le Server. Ho rarolla bothata bona, Atlassian e lokolitse hang-hang liphetolelo tse itseng tse fokotsang bofokoli. Ho bohlokoa haholo hore basebelisi ba ntlafatse maemo a bona a Confluence ho e 'ngoe ea mefuta e latelang:
- Version 7.19.16 kapa hamorao
- Version 8.3.4 kapa hamorao
- Version 8.4.4 kapa hamorao
- Version 8.5.3 kapa hamorao
- Version 8.6.1 kapa hamorao
Le hoja ho teba ha tlokotsi ena ho hlokomelehile, Atlassian e fana ka tiisetso ea hore ha e ame ho boloka lekunutu. Sena se bolela hore leha e sebelisoa hampe, mohlaseli ha a khone ho hlahisa data efe kapa efe ea mohlala. Phapang ena ea bohlokoa e fana ka khotso ea kelello ho basebelisi ba ka 'nang ba tšoenyeha ka litlamorao tse ka bang teng tsa tlhekefetso.
Lintlha tsa CVE-2023-22518: Phoso e Ncha e Bohlokoa
Atlassian e khethile ho hana tlhahisoleseling e tobileng mabapi le mofuta oa phoso le mekhoa eo lira li ka e sebelisang ho e sebelisa hampe. Mokhoa ona o hlokolosi o reretsoe ho thibela batšoantšisi ba litšokelo ho nka monyetla ka lintlha tsa bofokoli, ka ho etsa joalo ho sireletsa basebelisi ho fihlela li-patches li sebelisoa haholo.
Ketso ea Hang-hang ke ea Bohlokoa
E le ho arabela ho khethollo ea ts'oaetso ena, Atlassian e khothalletsa bareki ba eona ho nka khato hang-hang ho sireletsa maemo a bona a Confluence. Haholo-holo, maemo a ka fihlellehang ka Marang-rang a sechaba a tlameha ho emisoa ka nakoana ho fihlela patch e nepahetseng e sebelisoa. Ho feta moo, basebelisi ba sebelisang liphetolelo tsa Confluence tse ka ntle ho fensetere ea tšehetso ba eletsoa ka matla ho ntlafatsa ho mofuta o tsitsitseng.
Karolo ea Libaka tsa Atlassian Cloud
Atlassian e fana ka lesela la silevera ka ho netefatsa hore libaka tsa Atlassian Cloud li lula li sa amehe ke CVE-2023-22518 e khethiloeng. Sena se totobatsa bohlokoa ba litharollo tse thehiloeng marung ho fokotsa likotsi tse itseng tsa cybersecurity.
Maemo a Potlakileng ha a Tobane le Litšokelo tse ka 'nang tsa E-ba teng
Le hoja hajoale ho se na bopaki ba tšebeliso e matla ea tlokotsi ena naheng, Atlassian e hatisa tlhokahalo ea ho ba le maikutlo a matle ha ho tobane le litšokelo tse ka bang teng. Ho bohlokoa ho hlokomela hore bofokoli ba nakong e fetileng ho software ea Atlassian bo entsoe ke batšoantšisi ba tšokelo, ba totobatsa bohlokoa ba ho lula ka pele ho likotsi tse hlahang.
Boitlamo ba Atlassian ho Tšireletseho ea Basebelisi
Karabelo e potlakileng ea Atlassian ho bofokoli bo bonts'itsoeng ba ts'ireletso ho Confluence Data Center le Server e bonts'a boitlamo bo sa sisinyeheng ba k'hamphani mabapi le polokeho ea basebelisi. Pitso ea ho nka khato hang-hang, hammoho le tiisetso ea lekunutu la data, e totobatsa boiteko ba tšebelisano bo hlokahalang lipakeng tsa bafani ba mananeo le basebelisi ho matlafatsa ts'ireletso ea dijithale khahlano le litšokelo tsa cyber.
fihlela qeto e
Sebakeng sa dijithale se ntseng se fetoha ka potlako, ho falimeha ha bafani ba lisebelisoa tsa software le basebelisi ka ho ts'oana ho bohlokoa ho sireletseng khahlano le litšokelo tse ka bang teng. Karabelo e potlakileng le e nang le boikarabello ea Atlassian ho bofokoli ba ts'ireletso ba CVE-2023-22518 e fana ka mohlala oa mokhoa o ts'oanelang o hlokahalang ho boloka tikoloho e bolokehileng. Joalo ka ha bofokoli bona bo boholo bo totobatsa, litšokelo tsa cyber ha li eme empa li lula li ikamahanya le bofokoli. Ka hona, ho lula u tseba, ho nchafatsa software khafetsa, le ho sebetsana le bofokoli ba ts'ireletso hanghang ke likarolo tsa bohlokoa tsa ho boloka boemo bo matla ba cybersecurity.
Boitlamo ba Atlassian mabapi le polokeho ea basebelisi bo babatseha, kaha ha bo lokise liphoso feela empa hape bo tiisetsa basebelisi ho boloka lekunutu. Sena se bonts'a boikitlaetso ba tšebelisano lipakeng tsa bafani ba software le basebelisi ba bona, ho totobatsa hore ts'ireletso ke boikarabello bo arolelanoang. Ketso e potlakileng e nkuoeng ke Atlassian e sebetsa e le khopotso ea bohlokoa ea hore lefatše la dijithale le hloka ho falimeha kamehla, kaha litšokelo tse ka bang teng li ka lalla hukung.
Qetellong, joalo ka basebelisi ba mahlale a dijithale, karolo ea rona ea ho boloka cybersecurity ha ea lokela ho nyatseha. Ho lula u le malala-a-laotsoe, u na le tsebo, 'me u arabela litšokelo tse hlahang ho bohlokoa haholo. Tsela eo Atlassian a sebetsanang le CVE-2023-22518 ka eona e sebetsa e le khopotso ea hore ka ho sebetsa 'moho le ho lula re ikemiselitse ho sireletseha, re ka matlafatsa ts'ireletso ea rona ea dijithale le ho shebana le maemo a lulang a fetoha a ts'ireletso ea marang-rang ka kholiseho le mamello.