Atlassian Confluence Server RCE attacks underway from 600+ IPs
More than 600 IP addresses are launching thousands of exploit attempts against CVE-2023-22527 - a critical bug in out-of-date versions of Atlassian Confluence Data Center and Server - according to non-profit security org Shadowserver.
The CVE scored a CVSS rating of 10 out of 10, and it affects Confluence Data Center and Server 8 versions released before December 5, 2023 and versions up to 8.4.5.
Atlassian hasn't updated its CVE-2023-22527 security advisory to indicate any instances of Confluence Server being under active exploitation.
The issue has already been corrected in a previous release of Confluence Server and Data Center.
Atlassian security may soon become even more challenged: on February 15th the Aussie software company ends support for its Server products, leaving the vastly more expensive Data Center products or a cloud migration as the alternatives.
An Atlassian partner recently told The Register that forty percent of its clientele intends to continue using the unsupported products despite Atlassian insisting it won't provide patches.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/01/22/atlassian_confluence_server_rce/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2023-22527 | Injection vulnerability in Atlassian Confluence Data Center and Confluence Server. A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. | 9.8 |