Security News > 2023 > October > US cybercops urge admins to patch amid ongoing Confluence chaos

US authorities have issued an urgent plea to network admins to patch the critical vulnerability in Atlassian Confluence Data Center and Server amid ongoing nation-state exploitation.

"Due to the ease of exploitation, CISA, FBI, and MS-ISAC expect to see widespread exploitation of unpatched Confluence instances in government and private networks."

"Organizations are encouraged to review all affected Confluence instances for evidence of compromise, as outlined by Atlassian," the advisory reads.

The Register asked Atlassian about how many Confluence instances remain unpatched but it did not answer specific questions on the matter.

GreyNoise's data on attempted exploits of CVE-2023-22515 indicates that the number of unique IPs trying to exploit the vulnerability is low, but the numbers are consistent with the known IPs disclosed by Microsoft.

"While there are immediate concerns such as increased risk of exploitation and the potential integration into malware toolkits, the availability of a proof-of-concept presents an array of security and operational challenges that extend beyond these immediate issues. Immediate action is strongly advised to address the potential risks associated with this development," said CISA, FBI, and MS-ISAC. As of October 10, Microsoft was aware of four IPs sending exploit traffic and the FBI's investigation revealed a further five.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/10/17/confluence_zero_day_advisory/