Threat Actor: Unknown | Unknown
Victim: Atlassian Jira | Atlassian Jira
Price: 800,000 XMR (Monero)
Exfiltrated Data Type: Not specified
Additional Information:
- The threat actor is selling a zero-day Remote Code Execution (RCE) exploit targeting Atlassian’s Jira.
- The exploit works on the latest version of the Jira desktop app and Jira integrated with Confluence.
- No login credentials are required to execute the exploit.
- The exploit is compatible with Okta Single Sign-On (SSO).
- The price for the exploit is 800,000 XMR (Monero).
- This exploit poses a significant security threat to corporate environments that use Jira and Confluence for project management and collaboration.
In a new cyber security incident, a threat actor has announced the sale of a zero-day Remote Code Execution (RCE) exploit targeting Atlassian’s Jira. This exploit allegedly works on the latest version of the Jira desktop app, as well as Jira integrated with Confluence, without requiring any login credentials. Additionally, it is compatible with Okta Single Sign-On (SSO), further broadening its potential impact.
Details of the Offer:
- Exploit Type: Zero-day Remote Code Execution (RCE)
- Target: Atlassian Jira (latest desktop version and integrated with Confluence)
- Login Requirement: None
- SSO Compatibility: Okta SSO
- Price: 800,000 XMR (Monero)
This exploit poses a significant security threat, given the widespread use of Jira and Confluence in corporate environments for project management and collaboration..
Original Source: https://dailydarkweb.net/zero-day-rce-exploit-for-atlassian-jira-for-sale/