Security News > 2023 > October > Atlassian patches critical Confluence zero-day exploited in attacks
Australian software company Atlassian released emergency security updates to fix a maximum severity zero-day vulnerability in its Confluence Data Center and Server software, which has been exploited in attacks.
"Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances," the company said.
"Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."
Tracked as CVE-2023-22515, this critical privilege escalation flaw affects Confluence Data Center and Server 8.0.0 and later and is described as being remotely exploitable in low-complexity attacks that don't require user interaction.
Last year, CISA ordered federal agencies to patch another critical Confluence vulnerability exploited in the wild, based on previous alerts from cybersecurity firm Rapid7 and threat intelligence company GreyNoise.
Apple emergency updates fix 3 new zero-days exploited in attacks.
News URL
Related news
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical zero-days impact premium WordPress real estate plugins (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-04 | CVE-2023-22515 | Unspecified vulnerability in Atlassian Confluence Data Center and Confluence Server Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. | 9.8 |