Atlassian and Cisco Issue Critical Patches for Remote Code Execution and Other Security Flaws
This week, Atlassian and Cisco released security updates addressing several high-severity vulnerabilities across their products, some of which could lead to remote code execution.
Atlassian rolled out seven updates to fix four high-risk issues affecting third-party components used in Bamboo, Confluence, and Jira. Some of the vulnerabilities had been publicly known for nearly six years. Among the patched flaws is a denial-of-service (DoS) vulnerability in Netplex Json-smart, which can be exploited without authentication. This issue, tracked as CVE-2024-57699, was fixed across Bamboo Data Center and Server, Jira Data Center and Server, and Jira Service Management.
Jira and Jira Service Management also received patches for an XML External Entity (XXE) injection vulnerability, tracked as CVE-2021-33813, which could be used to trigger a DoS condition.
For Confluence Data Center and Server, two vulnerabilities were addressed: a DoS flaw in the Netty application framework (CVE-2025-24970) and an XXE vulnerability in the libjackson-json-java library (CVE-2019-10172). Atlassian confirmed that none of the vulnerabilities have been exploited in the wild.
Meanwhile, Cisco released patches for security issues in Webex App, Secure Network Analytics, and Nexus Dashboard.
The Webex App update addresses a high-severity remote code execution vulnerability (CVE-2025-20236), where an attacker could exploit a malicious meeting invite link to get a user to download arbitrary files.
Updates for Secure Network Analytics (versions 7.5.0, 7.5.1, and 7.5.2) resolve a medium-severity vulnerability that could allow authenticated users to gain shell access with root privileges.
Cisco also fixed a medium-severity bug in Nexus Dashboard that could enable unauthenticated attackers to identify valid LDAP usernames remotely.
Cisco stated that none of the identified vulnerabilities have been observed being exploited in real-world attacks.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
