Security News > 2024 > January > Hackers start exploiting critical Atlassian Confluence RCE flaw
Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers.
Atlassian disclosed the security issue last week and noted that it impacts only Confluence versions released before December 5, 2023, along with some out-of-support releases.
The flaw has a critical severity score and is described as a template injection weakness that allows unauthenticated remote attackers to execute code on vulnerable Confluence Data Center and Confluence Server endpoints, versions versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0 through 8.5.3.
Atlassian warns of critical RCE flaw in older Confluence versions.
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers.
Hackers are exploiting critical Apache Struts flaw using public PoC. Sophos backports RCE fix after attacks on unsupported firewalls.
News URL
Related news
- Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) (source)
- Critical Progress WhatsUp RCE flaw now under active exploitation (source)
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
- Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218) (source)
- SolarWinds fixes critical RCE bug affecting all Web Help Desk versions (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access (source)
- Hackers are exploiting critical bug in LiteSpeed Cache plugin (source)
- Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2023-22527 | Injection vulnerability in Atlassian Confluence Data Center and Confluence Server A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. | 9.8 |