CVE-2023-22518 - Incorrect Authorization vulnerability in Atlassian Confluence Data Center
Summary
All versions of Confluence Data Center and Server prior to the fixed releases are affected. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. With that account the attacker can perform every administrative action available to an instance administrator, leading to, but not limited to, full loss of confidentiality, integrity and availability. Atlassian's advisory initially described the flaw as unexploited, but exploitation in the wild, including data wiping and ransomware deployment, was reported shortly afterwards (see Related news). Atlassian Cloud sites are not affected: if your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. The fixed versions and the interim mitigations (restricting network access to the instance and blocking the /json/setup-restore* endpoints) are listed in the Atlassian advisory under References. Note that upgrading does not undo a compromise that has already happened: an administrator account created by an attacker, and anything done with it, has to be found and removed separately.
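The two checks a responder wants for this issue are "was the restore endpoint hit, and was the request served?" and "is this instance on a fixed release?". The following is an added example written for this page; it is not Atlassian's code and does not come from the advisory. It assumes Tomcat common-format access log lines (%h %l %u %t "%r" %s %b), the /json/setup-restore* endpoint names from Atlassian's interim mitigation, and a fixed-version list that should be checked against the advisory linked under References. The log lines are constructed, not real captures.

```python
"""Triage helpers for CVE-2023-22518 (unauthenticated Confluence setup-restore).

Added example for this page, not Atlassian's code. Assumptions: Tomcat
common-format access logs, the /json/setup-restore* endpoints named in
Atlassian's interim mitigation, and the fixed-version list below (verify it
against the advisory under References). Sample log lines are constructed.
"""
import re

# Fixed releases as given in Atlassian's advisory (check the linked advisory).
FIXED_VERSIONS = ["7.19.16", "8.3.4", "8.4.4", "8.5.3", "8.6.1", "8.7.1"]

# Endpoints Atlassian advised blocking until patched: /json/setup-restore.action,
# /json/setup-restore-local.action and /json/setup-restore-progress.action.
SETUP_RESTORE_RE = re.compile(r"^/json/setup-restore[\w-]*\.action$")

# Tomcat common log format (assumed): host ident user [time] "request" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample: one unauthenticated client hitting the restore endpoints and
# being served 200s, a legitimate admin page view, and one client blocked with 403.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Nov/2023:10:15:02 +0000] "GET /login.action HTTP/1.1" 200 5120
203.0.113.7 - - [01/Nov/2023:10:15:05 +0000] "POST /json/setup-restore.action?synchronous=true HTTP/1.1" 200 812
203.0.113.7 - - [01/Nov/2023:10:15:09 +0000] "POST /json/setup-restore-progress.action HTTP/1.1" 200 133
198.51.100.4 - admin [01/Nov/2023:10:20:44 +0000] "GET /pages/viewpage.action?pageId=1 HTTP/1.1" 200 9012
203.0.113.9 - - [01/Nov/2023:11:02:13 +0000] "POST /json/setup-restore-local.action HTTP/1.1" 403 0
"""


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]  # match on the path, not the query string
    return rec


def find_setup_restore_hits(lines):
    """Every parsed request whose path is one of the setup-restore endpoints."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and SETUP_RESTORE_RE.match(rec["path"]):
            hits.append(rec)
    return hits


def likely_successful(hits):
    """Hits served (2xx/3xx) to a client with no authenticated user: the shape of an
    unauthenticated reset. A 403/404 means the request was blocked, not served."""
    return [h for h in hits if h["user"] == "-" and 200 <= h["status"] < 400]


def source_ips(hits):
    """Distinct client addresses, for blocking and for pivoting into other logs."""
    return sorted({h["ip"] for h in hits})


def parse_version(version):
    return tuple(int(part) for part in version.split("."))


def is_fixed(version):
    """True if `version` is at or above the fixed release of its minor line, or is
    newer than every listed line. Lines with no fixed release (8.0.x to 8.2.x) and
    anything older than 7.19 return False: those need an upgrade to a fixed line."""
    v = parse_version(version)
    for fixed in FIXED_VERSIONS:
        f = parse_version(fixed)
        if v[:2] == f[:2]:
            return v >= f
    return v > parse_version(FIXED_VERSIONS[-1])


if __name__ == "__main__":
    hits = find_setup_restore_hits(SAMPLE_LOG.splitlines())
    served = likely_successful(hits)
    for h in served:
        print(f"served unauthenticated {h['method']} {h['path']} from {h['ip']} ({h['status']})")
    print("blocked attempts:", len(hits) - len(served))
    print("source IPs to investigate:", source_ips(hits))
    for ver in ("8.5.2", "8.5.3", "8.2.0"):
        print(ver, "fixed" if is_fixed(ver) else "VULNERABLE")
```

A served request to any of these endpoints from an unauthenticated client should be treated as a probable reset of the instance, not just a scan: the next step is to look for administrator accounts and plugins created after that timestamp. A 403 on the same path is what the interim mitigation (blocking the endpoints at the reverse proxy) produces.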
Common Weakness Enumeration (CWE)
CWE-863: Incorrect Authorization
Related news
- Atlassian warns of exploit for Confluence data wiping bug, get patching (source)
- Atlassian Confluence data-wiping vulnerability exploited (source)
- Critical Atlassian Confluence bug exploited in Cerber ransomware attacks (source)
- Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws (source)
- Atlassian cranks up the threat meter to max for Confluence authorization flaw (source)
- Atlassian fixes four critical RCE vulnerabilities, patch quickly! (source)
- Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware (source)
References
- http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html
- https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907
- https://jira.atlassian.com/browse/CONFSERVER-93142