About Us

About Cabling Installation & Maintenance

Our mission: Bringing practical business and technical intelligence to today's structured cabling professionals

For more than 30 years, Cabling Installation & Maintenance has provided useful, practical information to professionals responsible for the specification, design, installation and management of structured cabling systems serving enterprise, data center and other environments. These professionals are challenged to stay informed of constantly evolving standards, system-design and installation approaches, product and system capabilities, technologies, as well as applications that rely on high-performance structured cabling systems. Our editors synthesize these complex issues into multiple information products. This portfolio of information products provides concrete detail that improves the efficiency of day-to-day operations, and equips cabling professionals with the perspective that enables strategic planning for networks’ optimum long-term performance.

Throughout our annual magazine, weekly email newsletters and 24/7/365 website, Cabling Installation & Maintenance digs into the essential topics our audience focuses on.

  • Design, Installation and Testing: We explain the bottom-up design of cabling systems, from case histories of actual projects to solutions for specific problems or aspects of the design process. We also look at specific installations using a case-history approach to highlight challenging problems, solutions and unique features. Additionally, we examine evolving test-and-measurement technologies and techniques designed to address the standards-governed and practical-use performance requirements of cabling systems.
  • Technology: We evaluate product innovations and technology trends as they impact a particular product class through interviews with manufacturers, installers and users, as well as contributed articles from subject-matter experts.
  • Data Center: Cabling Installation & Maintenance takes an in-depth look at design and installation workmanship issues as well as the unique technology being deployed specifically for data centers.
  • Physical Security: Focusing on the areas in which security and IT—and the infrastructure for both—interlock and overlap, we pay specific attention to Internet Protocol’s influence over the development of security applications.
  • Standards: Tracking the activities of North American and international standards-making organizations, we provide updates on specifications that are in-progress, looking forward to how they will affect cabling-system design and installation. We also produce articles explaining the practical aspects of designing and installing cabling systems in accordance with the specifications of established standards.

Cabling Installation & Maintenance is published by Endeavor Business Media, a division of EndeavorB2B.

Contact Cabling Installation & Maintenance

Editorial

Patrick McLaughlin

Serena Aburahma

Advertising and Sponsorship Sales

Peter Fretty - Vice President, Market Leader

Tim Carli - Business Development Manager

Brayden Hudspeth - Sales Development Representative

Subscriptions and Memberships

Subscribe to our newsletters and manage your subscriptions

Feedback/Problems

Send a message to our general in-box

 

My Watchlist
Indicators
Cabling Market Index
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

Leading Productivity Software Provider Patches Critical Security Issues in Two of Its Products

By: IssueWire

The high-severity vulnerabilities found in Confluence and Bamboo product lines could allow authenticated attackers to manipulate system calls and execute arbitrary code, potentially leading to severe impacts

Surrey, United Kingdom Aug 21, 2023 (Issuewire.com) - Geeky News, a technology and lifestyle platform, recently published an article that highlights critical security patches released by a productivity software provider for two of its products. Atlassian, a leading provider of team collaboration and productivity software, has released critical patches to address remote code execution (RCE) vulnerabilities in its Confluence and Bamboo products. In cases of successful exploitation, these vulnerabilities could allow authenticated attackers to manipulate system calls and execute arbitrary code, potentially leading to severe impacts on system integrity, confidentiality, and availability, reported The Hacker News

According to the report, these vulnerabilities have been identified through the company's bug bounty program, penetration testing procedures, and evaluations of third-party library scans. The most severe RCE vulnerability tracked down as CVE-2023-22508 with a CVSS score of 8.5 was detected in Confluence Data Center & Server version 7.4.0. Vulnerable versions span from 7.19.8 up to, but not including, 8.2.0. Versions 8.2.0 and beyond are immune to this specific exploit. 

A second high-severity RCE issue detected as CVE-2023-22505 with a CVSS score of 8.0, was found in Data Center & Server version 8.0.0. Affected versions range from 8.0.0 up to, excepting 8.3.2 and 8.4.0. Versions 8.3.2 onwards and 8.4.0 and the following editions were not impacted.

Another flaw infecting Bamboo Data Center and Server is CVE-2023-22506. It's a combination of an injection flaw with an RCE that can make the system security highly vulnerable. Tracked in version 8.0.0 of Bamboo Data Center, this flaw, with a CVSS score of 7.5, permits authenticated hackers to manipulate system call actions. Ultimately, it allows them to pose substantial risks to system uptime, privacy, and integrity. According to the report, the impacted versions range from 8.0.0 up to, but not incorporating, versions 9.2.3 and 9.3.1. Versions 9.2.3, 9.3.1, and subsequent releases are unaffected.

These high-severity vulnerabilities could be exploited by hackers without requiring any user interaction. The exploitation of these vulnerabilities could lead to unauthorised control of the compromised server, resulting in malware injection, data theft, and even massive operational disruptions. 

In response to these critical security issues, Atlassian has promptly released patches for the vulnerabilities across its Confluence and Bamboo product lines. Users are strongly urged to update their software to the latest versions, or at least the swiftly released Confluence versions 8.3.2 and 8.4.0. Atlassian stack customers unable to upgrade to the recommended editions are advised to update at least to version 8.2.0, which addresses CVE-2023-22508. Atlassian also promptly released versions 9.2.3 and 9.3.1 of Bamboo Data Center, which can effectively address the CVE-2023-22506 issue. The report says that users need to quickly install the patches because these attacks can be executed without any user interaction.

Atlassian tools are aimed at enabling teams to power collaboration, thus improving their productivity. However, companies looking to completely leverage the benefits of the Atlassian stack might want to invest in a high-end managed service provider (MSP) like Automation Consultants. By collaborating with expert MSPs, teams can keep their Atlassian stack performing at their best while reducing the risk of operational disruptions and unplanned downtime. 

The recently patched RCE flaws in Confluence and Bamboo products emphasise Atlassian's commitment to protecting customer security. The report highlights the company's statement: "While this change results in an increase of visibility and disclosures, it does not mean there are more vulnerabilities. Rather, we are taking a more proactive approach to vulnerability transparency and are committed to providing our customers with the information they need to make informed decisions about updating our products."

 

Media Contact

Geeky News


press@geekynews.co.uk

+44 20 3800 1212

Parallel House, 32 London Road Guildford, Surrey

https://www.geekynews.co.uk/

Source :Geeky News

This article was originally published by IssueWire. Read the original article here.

More News

View More
Why Seagate Is Wall Street's New Favorite AI Infrastructure Play
Via MarketBeat
Topics Artificial Intelligence
Tickers BAC STX
3 AI Infrastructure Stocks With Upside After the Summer Rally
Via MarketBeat
Topics Artificial Intelligence
Tickers AMZN ANET AVGO GOOGL META MSFT
Can Advantage2 Help Overcome D-Wave's Share Price Plateau?
Via MarketBeat
Tickers F GEV NVDA QBTS
Eli Lilly’s Oral GLP-1 Breakthrough Could Change Everything
Via MarketBeat
Tickers LLY
The Fed Cut Rates: What Now for the S&P 500 and Equity Markets?
Via MarketBeat
Topics ETFs Economy Stocks
Tickers NVDA SNOW SPY WDAY
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.