Security News > 2024 > January > Atlassian Confluence Server RCE attacks underway from 600+ IPs

Atlassian Confluence Server RCE attacks underway from 600+ IPs
2024-01-22 23:37

More than 600 IP addresses are launching thousands of exploit attempts against CVE-2023-22527 - a critical bug in out-of-date versions of Atlassian Confluence Data Center and Server - according to non-profit security org Shadowserver.

The CVE scored a CVSS rating of 10 out of 10, and it affects Confluence Data Center and Server 8 versions released before December 5, 2023 and versions up to 8.4.5.

Atlassian hasn't updated its CVE-2023-22527 security advisory to indicate any instances of Confluence Server being under active exploitation.

The issue has already been corrected in a previous release of Confluence Server and Data Center.

Atlassian security may soon become even more challenged: on February 15th the Aussie software company ends support for its Server products, with vastly more expensive Datacenter products or a cloud migration the alternatives.

An Atlassian partner recently told The Register that forty percent of its clientele intends to continue using the unsupported products despite Atlassian insisting it won't provide patches.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/22/atlassian_confluence_server_rce/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-22527 Injection vulnerability in Atlassian Confluence Data Center and Confluence Server
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance.
network
low complexity
atlassian CWE-74
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Atlassian 58 56 291 40 34 421