{"id":2437,"date":"2023-12-23T21:30:10","date_gmt":"2023-12-23T21:30:10","guid":{"rendered":"https:\/\/securitybriefing.net\/?p=2437"},"modified":"2023-12-23T21:31:58","modified_gmt":"2023-12-23T21:31:58","slug":"%e9%87%8d%e8%a6%81%e3%81%aa%e3%82%bb%e3%82%ad%e3%83%a5%e3%83%aa%e3%83%86%e3%82%a3%e3%82%a2%e3%83%83%e3%83%97%e3%83%87%e3%83%bc%e3%83%88-atlassian-%e8%a4%87%e6%95%b0%e3%81%ae%e8%a3%bd%e5%93%81%e3%81%a7","status":"publish","type":"post","link":"https:\/\/securitybriefing.net\/ja\/%e3%83%8b%e3%83%a5%e3%83%bc%e3%82%b9\/%e9%87%8d%e8%a6%81%e3%81%aa%e3%82%bb%e3%82%ad%e3%83%a5%e3%83%aa%e3%83%86%e3%82%a3%e3%82%a2%e3%83%83%e3%83%97%e3%83%87%e3%83%bc%e3%83%88-atlassian-%e8%a4%87%e6%95%b0%e3%81%ae%e8%a3%bd%e5%93%81%e3%81%a7\/","title":{"rendered":"\u91cd\u8981\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0: Atlassian\u3001\u8907\u6570\u306e\u88fd\u54c1\u306b\u5b58\u5728\u3059\u308b\u91cd\u5927\u306a\u8106\u5f31\u6027\u306b\u30d1\u30c3\u30c1\u3092\u9069\u7528"},"content":{"rendered":"

\u30a2\u30c8\u30e9\u30b7\u30a2\u30f3\u306f\u3001\u30c1\u30fc\u30e0\u30fb\u30b3\u30e9\u30dc\u30ec\u30fc\u30b7\u30e7\u30f3\u3068\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u958b\u767a\u306e\u305f\u3081\u306e\u30c4\u30fc\u30eb\u3092\u958b\u767a\u3059\u308b\u3053\u3068\u3067\u77e5\u3089\u308c\u3066\u3044\u308b\u3002
\u306f\u3001\u3044\u304f\u3064\u304b\u306e\u88fd\u54c1\u306b\u3064\u3044\u3066\u91cd\u8981\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8b66\u544a\u3092\u767a\u8868\u3057\u305f\u3002\u3053\u308c\u3089\u306e\u8b66\u544a\u306f
\u3053\u308c\u3089\u306e\u88fd\u54c1\u3092\u4f7f\u7528\u3059\u308b\u30b7\u30b9\u30c6\u30e0\u306b\u60aa\u8005\u304c\u4fb5\u5165\u3059\u308b\u53ef\u80fd\u6027\u306e\u3042\u308b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3067\u3042\u308b\u3002
\u4ee5\u4e0b\u306f\u305d\u306e\u8981\u70b9\u3067\u3042\u308b\uff1a<\/p>\n\n\n\n

    \n
  1. Confluence \u30c7\u30fc\u30bf\u30bb\u30f3\u30bf\u30fc\u3068\u30b5\u30fc\u30d0\u30fc\u306e\u554f\u984c (CVE-2023-22522)\uff1a\u30d0\u30fc\u30b8\u30e7\u30f3 7.14.1 \u304b\u3089 7.19.4 \u306e
    Confluence \u30c7\u30fc\u30bf\u30bb\u30f3\u30bf\u30fc\u3068\u30b5\u30fc\u30d0\u30fc\u306f\u3001\u30cf\u30c3\u30ab\u30fc\u304c\u3053\u308c\u3089\u306e\u30b7\u30b9\u30c6\u30e0\u3092\u9060\u304f\u304b\u3089\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u3067\u304d\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u30a2\u30c8\u30e9\u30b7\u30a2\u30f3\u306f
    \u305d\u3057\u3066\u3001\u3053\u308c\u3089\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u3059\u3079\u3066\u306e\u4eba\u306b\u3001\u76f4\u3061\u306b\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3092\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3059\u308b\u3088\u3046\u5f37\u304f\u52e7\u3081\u3066\u3044\u308b\u3002<\/li>\n\n\n\n
  2. macOS \u7528 Atlassian Companion App \u306e\u554f\u984c (CVE-2023-22524)\uff1a\u540c\u69d8\u306e\u554f\u984c\u304c\u30a2\u30c8\u30e9\u30b7\u30a2\u30f3\u306e
    macOS\u7528\u30b3\u30f3\u30d1\u30cb\u30aa\u30f3\u30a2\u30d7\u30ea\u3001\u30d0\u30fc\u30b8\u30e7\u30f37.14.0\u304b\u30897.20.0\u3002\u4eca\u56de\u3082\u30d1\u30c3\u30c1\u304c\u7528\u610f\u3055\u308c\u3066\u3044\u308b\u305f\u3081\u3001\u30e6\u30fc\u30b6\u30fc\u306f\u30a2\u30d7\u30ea\u3092\u4ee5\u4e0b\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3057\u3066\u304f\u3060\u3055\u3044\u3002
    \u3067\u304d\u308b\u3060\u3051\u65e9\u304f\u6700\u65b0\u30d0\u30fc\u30b8\u30e7\u30f3\u3092<\/li>\n\n\n\n
  3. Assets Discovery \u306e\u8106\u5f31\u6027 (CE-2023-22523)\uff1a\u3053\u308c\u306f Assets Discovery \u306e\u30d0\u30fc\u30b8\u30e7\u30f3 12.11.0 \u304b\u3089 12.21.1 \u306b\u5f71\u97ff\u3057\u307e\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u306f
    \u30a2\u30c8\u30e9\u30b7\u30a2\u30f3\u306f\u3053\u306e\u554f\u984c\u3092\u4fee\u6b63\u3059\u308b\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\u30e6\u30fc\u30b6\u30fc\u306f
    \u6700\u65b0\u30d0\u30fc\u30b8\u30e7\u30f3\u3078\u306e\u30a2\u30c3\u30d7\u30b0\u30ec\u30fc\u30c9\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/li>\n\n\n\n
  4. SnakeYAML \u30e9\u30a4\u30d6\u30e9\u30ea\u306e\u554f\u984c (CVE-2022-1471)\uff1a\u3053\u308c\u306f\u3001\u3055\u307e\u3056\u307e\u306a
    Confluence\u3001Bitbucket\u3001JIRA\u3001\u304a\u3088\u3073 Bamboo \u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3002\u5f71\u97ff\u3092\u53d7\u3051\u308b\u3059\u3079\u3066\u306e\u88fd\u54c1\u306b\u5bfe\u3057\u3066\u30d1\u30c3\u30c1\u304c\u63d0\u4f9b\u3055\u308c\u3066\u3044\u307e\u3059\u3002
    \u30b7\u30b9\u30c6\u30e0\u3092\u66f4\u65b0\u3059\u308b\u969b\u306b
    <\/li>\n<\/ol>\n\n\n

    \u4f55\u304c\u3067\u304d\u308b\u304b\uff1f <\/h2>\n\n\n

    \u3053\u308c\u3089\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3060\u3051\u3067\u306a\u304f\u3001\u30a2\u30c8\u30e9\u30b7\u30a2\u30f3\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u5b9a\u671f\u7684\u306b\u30c1\u30a7\u30c3\u30af\u3059\u308b\u3053\u3068\u304c\u8ce2\u660e\u3067\u3059\u3002
    \u65b0\u3057\u3044\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306e\u30a2\u30ca\u30a6\u30f3\u30b9\u30d1\u30b9\u30ef\u30fc\u30c9\u30dd\u30ea\u30b7\u30fc\u306e\u5f37\u5316\u3068\u30b7\u30b9\u30c6\u30e0\u306e\u76e3\u8996
    \u6d3b\u52d5\u3082\u5f79\u7acb\u3064\u3002\u4e07\u304c\u4e00\u306b\u5099\u3048\u3001\u91cd\u8981\u306a\u30c7\u30fc\u30bf\u306f\u5e38\u306b\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3092\u53d6\u3063\u3066\u304a\u304f\u3053\u3068\u3002
    \u7d50\u8ad6 \u30a2\u30c8\u30e9\u30b7\u30a2\u30f3\u306f\u81ea\u793e\u88fd\u54c1\u306e\u5b89\u5168\u6027\u3092\u4fdd\u3064\u3053\u3068\u306b\u771f\u5263\u306b\u53d6\u308a\u7d44\u3093\u3067\u3044\u307e\u3059\u3002\u30a2\u30c8\u30e9\u30b7\u30a2\u30f3\u306f\u88fd\u54c1\u306e\u5b89\u5168\u6027\u78ba\u4fdd\u306b\u771f\u5263\u306b\u53d6\u308a\u7d44\u3093\u3067\u3044\u307e\u3059\u3002
    \u5b89\u5168\u306e\u305f\u3081\u306e\u30d2\u30f3\u30c8\u3092\u5f97\u308b\u3053\u3068\u3067\u3001\u30e6\u30fc\u30b6\u30fc\u3084\u30b7\u30b9\u30c6\u30e0\u7ba1\u7406\u8005\u306f\u3053\u308c\u3089\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u554f\u984c\u304b\u3089\u8eab\u3092\u5b88\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u3002
    \u5f79\u7acb\u3064\u30ea\u30bd\u30fc\u30b9<\/p>\n\n\n\n