CVE-2023-22515 - Unspecified vulnerability in Atlassian Confluence Data Center and Confluence Server
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: HIGH
- Integrity impact: HIGH
- Availability impact: HIGH

Summary
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
Related news
- Atlassian Confluence Hit by Newly Actively Exploited Zero-Day – Patch Now
- Atlassian Confluence Hit by New Actively Exploited Zero-Day – Patch Now
- Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)
- Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability
- Critical Atlassian Confluence vulnerability exploited by state-backed threat actor
- Microsoft: State hackers exploiting Confluence zero-day since September
- US cybercops urge admins to patch amid ongoing Confluence chaos
- Ukrainian activists hack Trigona ransomware gang, wipe servers
- Atlassian patches critical Confluence bug, urges for immediate action (CVE-2023-22518)
- Atlassian warns of critical Confluence flaw leading to data loss
- Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
- Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
- Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
References
- http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html
- https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515
- https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276
- https://jira.atlassian.com/browse/CONFSERVER-92475