Atlassian
Company Details
Linkedin ID:
atlassian
Website:
Employees number:
17,274
Number of followers:
1,866,259
NAICS:
5112
Industry Type:
Homepage:
atlassian.com
IP Addresses:
156
Company ID:
ATL_2964148
Scan Status:
Completed
Atlassian Company CyberSecurity Posture
atlassian.com
Atlassian powers the collaboration that helps teams accomplish what would otherwise be impossible alone. From space missions and motor racing to bugs in code and IT requests, no task is too large or too small with the right team, the right tools, and the right practices. Over 300,000 global companies and 80% of the Fortune 500 rely on Atlassian’s software, like Jira, Confluence, Loom, and Trello, to help their teams work better together and deliver quality results on time. With our 300,000+ customers and team of 10,000+ Atlassians, we are building the next generation of team collaboration and productivity software. We believe the power of teams has the potential to change the world—one that is more open, authentic, and inclusive.
Atlassian A.I CyberSecurity Scoring
Atlassian Risk Score (AI oriented)Between 750 and 799
Atlassian
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Atlassian Global Score (TPRM)XXXX
Atlassian
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Atlassian Company CyberSecurity News & History
Past Incidents
5
Attack Types
2
Atlassian
Data Leak
Rankiteo Explanation
Attack without any consequences
Description: Atlassian revealed that unidentified hackers gained access to a vast quantity of data from its group chat service HipChat by breaking into a cloud server owned by the business. Although Atlassian did not disclose the identity of the prominent third-party software library that was utilised by its HipChat.com service, the business claims that attackers took advantage of a weakness in the library. The business issued instructions on how to reset passwords to all users whose accounts were connected to HipChat and, as a precaution, invalidated the passwords on those accounts. The organisation claims that although hashed passwords, email addresses, and names were accessible to hackers, no financial information was revealed.
Atlassian
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Atlassian reveals a data leak that was brought on by the theft of employee login information that was then utilized to obtain data from a third-party vendor. More than 13,200 entries make up the employee file that was uploaded online, and a brief inspection of the file suggests that it contains data on many current employees, including names, email addresses, work departments, and other details. The threat actors obtained information from a third-party vendor using the employee login credentials they had stolen. The business emphasized that the event had no impact on consumer or network data. The business acknowledged the data breach and disclosed that Envoy, a startup that offers workplace management services to the Australian software giant, was the source of the leaked data.
Atlassian
Vulnerability
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Atlassian Confluence Data Center and Server versions were affected by a critical vulnerability identified as CVE-2023-22527, enabling threat actors to exploit the flaw for cryptomining campaigns. Due to the template injection vulnerability, remote attackers could execute arbitrary code, leading to unauthorized cryptocurrency mining using the organization's resources. This activity not only utilized the compromised infrastructure for mining but also had the potential to disrupt operations and financials through resource exhaustion and increase in operational costs. Atlassian released patches to address the issue, however, systems not updated remained at risk.
Atlassian
Vulnerability
Rankiteo Explanation
Attack threatening the organization's existence
Description: Atlassian warned its customers that multiple threat groups are exploiting a Confluence Server zero-day vulnerability in its servers. Any unauthenticated attackers can target its Confluence Server and Data Center by a critical vulnerability that can be exploited for remote code execution. The company advised its users have been advised to prevent access to their Confluence servers from the internet, or simply disable these instances, as all supported versions of Confluence Server and Data Center are affected. However, Atlassian expects fixes to become available soon.
Atlassian
Vulnerability
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: Atlassian discovered a vulnerability in its Confluence Server which they need to patch to remedy a Critical-rated flaw. Confluence Server Webwork OGNL injection vulnerability could allow an authenticated user, or unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. However, Atlassian's own Confluence Cloud was patched but other hosted Confluence offerings might be vulnerable.
Atlassian Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Atlassian
Incidents vs Software Development Industry Average (This Year)
No incidents recorded for Atlassian in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Atlassian in 2025.
Incident Types Atlassian vs Software Development Industry Avg (This Year)
No incidents recorded for Atlassian in 2025.
Incident History — Atlassian (X = Date, Y = Severity)
Atlassian cyber incidents detection timeline including parent company and subsidiaries
Atlassian Company Subsidiaries
Atlassian powers the collaboration that helps teams accomplish what would otherwise be impossible alone. From space missions and motor racing to bugs in code and IT requests, no task is too large or too small with the right team, the right tools, and the right practices. Over 300,000 global companies and 80% of the Fortune 500 rely on Atlassian’s software, like Jira, Confluence, Loom, and Trello, to help their teams work better together and deliver quality results on time. With our 300,000+ customers and team of 10,000+ Atlassians, we are building the next generation of team collaboration and productivity software. We believe the power of teams has the potential to change the world—one that is more open, authentic, and inclusive.
Loading...
Atlassian Similar Companies
HubSpot
HubSpot is a leading CRM platform that provides software and support to help businesses grow better. Our platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth. Today, thousands of customers around th
Dassault Systèmes
Dassault Systèmes is a catalyst for human progress. Since 1981, the company has pioneered virtual worlds to improve real life for consumers, patients and citizens. With Dassault Systèmes’ 3DEXPERIENCE platform, 370,000 customers of all sizes, in all industries, can collaborate, imagine and create
Daraz is the leading e-commerce marketplace across South Asia (excluding India). Our business covers four key areas – e-commerce, logistics, payment infrastructure and financial services – providing our sellers and customers with an end-to-end commerce solution. With access to over 500 million custo
Lazada
About Lazada Group Founded in 2012, Lazada Group is the leading eCommerce platform in Southeast Asia. We are accelerating progress in Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam through commerce and technology. With the largest logistics and payments networks in the regio
SS&C is a leading global provider of mission-critical, cloud-based software and solutions for the financial and healthcare industries. Named to the Fortune 1000 list as a top U.S. company based on revenue, SS&C (NASDAQ: SSNC) is a trusted provider to more than 20,000 financial services and healthcar
Microsoft
Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesn’t just encourage curiosity; it
Catalyzing the era of pervasive intelligence, Synopsys delivers trusted and comprehensive silicon to systems design solutions, from electronic design automation to silicon IP and system verification and validation. We partner closely with semiconductor and systems customers across a wide range of
ByteDance
ByteDance is a global incubator of platforms at the cutting edge of commerce, content, entertainment and enterprise services - over 2.5bn people interact with ByteDance products including TikTok. Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This i
PhonePe Group is India’s leading fintech company, proudly recognized as India’s #1 Trusted Digital Payments* Brand for three consecutive years. Our flagship product, the PhonePe app was launched in August 2016, has rapidly become the preferred consumer payments app in India. In just eight years, Pho
.png)
Atlassian CyberSecurity News
October 23, 2025 07:00 AM
Critical Jira Vulnerability Enables Arbitrary File Modification via JVM Access
Atlassian has disclosed a critical path traversal vulnerability affecting Jira Software Data Center and Server that could allow...
October 23, 2025 07:00 AM
Jira Software Vulnerability Let Attacker Modify Any Filesystem Path Writable By JVM process
Atlassian has disclosed a high-severity path traversal vulnerability in Jira Software Data Center and Server that enables authenticated...
September 02, 2025 07:00 AM
Jaguar Land Rover Faces Major Cyberattack, Disrupting Systems but Sparing Customer Data
Jaguar Land Rover (JLR), the British luxury automaker renowned for its Range Rover, Defender, Discovery, and Jaguar models, has been rocked...
July 02, 2025 07:00 AM
Cybersecurity M&A Roundup: 41 Deals Announced in June 2025
Forty-one cybersecurity merger and acquisition (M&A) deals were announced in June 2025 and added to SecurityWeek tracker.
June 20, 2025 07:00 AM
Cybersecurity News: Cisco, Atlassian fixes, Ryuk member arrested, Viasat Typhoon attack
Cisco, Atlassian fix vulnerabilities, Alleged Ryuk gang member arrested and extradited, Telecom company Viasat attacked by Salt Typhoon.
June 20, 2025 07:00 AM
Malicious Support Tickets Let Hackers Exploit Atlassian’s Model Context Protocol
A new class of cyberattack is targeting organizations leveraging Atlassian's Model Context Protocol (MCP).
June 20, 2025 07:00 AM
Hackers Exploit Atlassian via Malicious Support Ticket Submission
This technique allows external attackers to hijack internal AI workflows in systems like Jira Service Management (JSM), enabling data theft...
June 20, 2025 07:00 AM
Cisco, Atlassian release high-severity flaw fixes
Updates have been issued by Cisco and Atlassian to address various high-severity security issues impacting their respective offerings,...
June 20, 2025 07:00 AM
Hackers Exploit Atlassian’s Model Context Protocol by Submitting a Malicious Support Ticket
A sophisticated attack vector targeting Atlassian's MCP that allows external threat actors to gain privileged access to internal systems.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Atlassian CyberSecurity History Information
Official Website of Atlassian
The official website of Atlassian is https://atlassian.com/.
Atlassian’s AI-Generated Cybersecurity Score
According to Rankiteo, Atlassian’s AI-generated cybersecurity score is 774, reflecting their Fair security posture.
How many security badges does Atlassian’ have ?
According to Rankiteo, Atlassian currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Atlassian have SOC 2 Type 1 certification ?
According to Rankiteo, Atlassian is not certified under SOC 2 Type 1.
Does Atlassian have SOC 2 Type 2 certification ?
According to Rankiteo, Atlassian does not hold a SOC 2 Type 2 certification.
Does Atlassian comply with GDPR ?
According to Rankiteo, Atlassian is not listed as GDPR compliant.
Does Atlassian have PCI DSS certification ?
According to Rankiteo, Atlassian does not currently maintain PCI DSS compliance.
Does Atlassian comply with HIPAA ?
According to Rankiteo, Atlassian is not compliant with HIPAA regulations.
Does Atlassian have ISO 27001 certification ?
According to Rankiteo,Atlassian is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Atlassian
Atlassian operates primarily in the Software Development industry.
Number of Employees at Atlassian
Atlassian employs approximately 17,274 people worldwide.
Subsidiaries Owned by Atlassian
Atlassian presently has no subsidiaries across any sectors.
Atlassian’s LinkedIn Followers
Atlassian’s official LinkedIn profile has approximately 1,866,259 followers.
NAICS Classification of Atlassian
Atlassian is classified under the NAICS code 5112, which corresponds to Software Publishers.
Atlassian’s Presence on Crunchbase
Yes, Atlassian has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/atlassian.
Atlassian’s Presence on LinkedIn
Yes, Atlassian maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/atlassian.
Cybersecurity Incidents Involving Atlassian
As of November 27, 2025, Rankiteo reports that Atlassian has experienced 5 cybersecurity incidents.
Number of Peer and Competitor Companies
Atlassian has an estimated 26,597 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Atlassian ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability and Data Leak.
How does Atlassian detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with patching the vulnerability, and containment measures with prevent access to confluence servers from the internet, containment measures with disable confluence instances, and communication strategy with advised users to take preventive actions, and containment measures with invalidated passwords on affected accounts, and remediation measures with issued instructions on how to reset passwords to all users, and communication strategy with notified users to reset passwords, and remediation measures with patches released..
Incident Details
Can you provide details on each incident ?
Title: Confluence Server Webwork OGNL Injection Vulnerability
Description: Atlassian discovered a vulnerability in its Confluence Server which they need to patch to remedy a Critical-rated flaw. Confluence Server Webwork OGNL injection vulnerability could allow an authenticated user, or unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. However, Atlassian's own Confluence Cloud was patched but other hosted Confluence offerings might be vulnerable.
Type: Vulnerability Exploitation
Attack Vector: Webwork OGNL injection
Vulnerability Exploited: Confluence Server Webwork OGNL injection
Motivation: Arbitrary code execution
Title: Atlassian Confluence Server Zero-Day Vulnerability
Description: Atlassian warned its customers that multiple threat groups are exploiting a Confluence Server zero-day vulnerability in its servers. Any unauthenticated attackers can target its Confluence Server and Data Center by a critical vulnerability that can be exploited for remote code execution. The company advised its users to prevent access to their Confluence servers from the internet, or simply disable these instances, as all supported versions of Confluence Server and Data Center are affected. However, Atlassian expects fixes to become available soon.
Type: Zero-Day Exploit
Attack Vector: Remote Code Execution
Vulnerability Exploited: Confluence Server Zero-Day Vulnerability
Threat Actor: Multiple threat groups
Title: Atlassian Data Leak
Description: Atlassian reveals a data leak that was brought on by the theft of employee login information that was then utilized to obtain data from a third-party vendor.
Type: Data Breach
Attack Vector: Stolen Login Credentials
Vulnerability Exploited: Weak credential management
Motivation: Data Theft
Title: Atlassian HipChat Data Breach
Description: Unidentified hackers gained access to a vast quantity of data from Atlassian's HipChat service by exploiting a vulnerability in a third-party software library used by the service.
Type: Data Breach
Attack Vector: Exploitation of Vulnerability
Vulnerability Exploited: Third-party software library vulnerability
Threat Actor: Unidentified hackers
Title: Atlassian Confluence Cryptomining Campaign
Description: Atlassian Confluence Data Center and Server versions were affected by a critical vulnerability identified as CVE-2023-22527, enabling threat actors to exploit the flaw for cryptomining campaigns. Due to the template injection vulnerability, remote attackers could execute arbitrary code, leading to unauthorized cryptocurrency mining using the organization's resources. This activity not only utilized the compromised infrastructure for mining but also had the potential to disrupt operations and financials through resource exhaustion and increase in operational costs. Atlassian released patches to address the issue, however, systems not updated remained at risk.
Type: Cryptomining Campaign
Attack Vector: Template Injection Vulnerability
Vulnerability Exploited: CVE-2023-22527
Motivation: Financial Gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Stolen Login Credentials and Vulnerability in third-party software library.
Impact of the Incidents
What was the impact of each incident ?
Incident : Vulnerability Exploitation ATL0214622
Systems Affected: Confluence ServerData Center instance
Incident : Zero-Day Exploit ATL23554622
Systems Affected: Confluence ServerData Center
Incident : Data Breach ATL195481023
Data Compromised: Names, Email addresses, Work departments, Other details
Incident : Data Breach ATL116201123
Data Compromised: Hashed passwords, Email addresses, Names
Systems Affected: HipChat.com service
Incident : Cryptomining Campaign ATL000083124
Systems Affected: Atlassian Confluence Data CenterAtlassian Confluence Server
Operational Impact: Resource Exhaustion
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Employee Data, , Hashed Passwords, Email Addresses, Names and .
Which entities were affected by each incident ?
Incident : Vulnerability Exploitation ATL0214622
Entity Name: Atlassian
Entity Type: Company
Industry: Software Development
Incident : Data Breach ATL195481023
Entity Name: Atlassian
Entity Type: Organization
Industry: Software
Location: Australia
Incident : Data Breach ATL116201123
Entity Name: Atlassian
Entity Type: Corporation
Industry: Software Development
Incident : Cryptomining Campaign ATL000083124
Entity Name: Atlassian
Entity Type: Software Company
Industry: Technology
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Vulnerability Exploitation ATL0214622
Remediation Measures: Patching the vulnerability
Incident : Zero-Day Exploit ATL23554622
Containment Measures: Prevent access to Confluence servers from the internetDisable Confluence instances
Communication Strategy: Advised users to take preventive actions
Incident : Data Breach ATL116201123
Containment Measures: Invalidated passwords on affected accounts
Remediation Measures: Issued instructions on how to reset passwords to all users
Communication Strategy: Notified users to reset passwords
Incident : Cryptomining Campaign ATL000083124
Remediation Measures: Patches Released
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ATL195481023
Type of Data Compromised: Employee data
Number of Records Exposed: 13200
Sensitivity of Data: Medium
Personally Identifiable Information: namesemail addresseswork departmentsother details
Incident : Data Breach ATL116201123
Type of Data Compromised: Hashed passwords, Email addresses, Names
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Patching the vulnerability, , Issued instructions on how to reset passwords to all users, , Patches Released, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by prevent access to confluence servers from the internet, disable confluence instances, , invalidated passwords on affected accounts and .
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Zero-Day Exploit ATL23554622
Recommendations: Prevent access to Confluence servers from the internet, Disable Confluence instancesPrevent access to Confluence servers from the internet, Disable Confluence instances
References
Where can I find more information about each incident ?
Incident : Data Breach ATL195481023
Source: Atlassian Data Breach Report
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Atlassian Data Breach Report.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Advised Users To Take Preventive Actions and Notified Users To Reset Passwords.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach ATL195481023
Entry Point: Stolen Login Credentials
Incident : Data Breach ATL116201123
Entry Point: Vulnerability in third-party software library
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach ATL195481023
Root Causes: Weak credential management
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Multiple threat groups and Unidentified hackers.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, email addresses, work departments, other details, , Hashed passwords, Email addresses, Names and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Confluence ServerData Center instance and Confluence ServerData Center and and Atlassian Confluence Data CenterAtlassian Confluence Server.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Prevent access to Confluence servers from the internetDisable Confluence instances and Invalidated passwords on affected accounts.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Email addresses, Names, Hashed passwords, email addresses, names, work departments and other details.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 132.0.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Disable Confluence instances and Prevent access to Confluence servers from the internet.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Atlassian Data Breach Report.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Vulnerability in third-party software library and Stolen Login Credentials.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=atlassian' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
