Security Flaw in Atlassian Products (Jira, Confluence,Trello, BitBucket) Affecting Multiple Companies
During the course of investigation into the root cause of the incident, the internal investigation team identified that the threat actor gained access to a CloudSEK employee’s Jira account, using Jira session cookies present in stealer logs being sold on the darkweb. ... Step 1: Using a cookie obtained from a stealer log, send a GET request to the /manage/rest/user endpoint on id.atlassian.com, This request will validate the token. CVEs: CVE-2022-43782, CVE-2022-43781, CVE-2022-36804 [View Article](https://cloudsek.com/security-flaw-in-atlassian-products-jira-confluencetrello-bitbucket-affecting-multiple-companies/)