Atlassian Confluence Data Center and Server [CVE-2023-22515]

Ingrid

Certain versions of Atlassian Confluence Data Center and Server have a zero-day vulnerability [CVE-2023-22515]. Successful exploitation allows malicious cyber threat actors to create a new administrator account on the target Confluence server, which can lead to a total loss of integrity and confidentiality of the data held in the server.

Severity

- Rated as critical by Atlassian.
- Atlassian Confluence has a large market share, further increasing this vulnerability's notoriety.
- CISA, FBI, and MS-ISAC expect widespread, continued exploitation due to ease of exploitation.
- Rated as CRITICAL by the National Vulnerability Database (NVD) since it enables the creation of unauthorized administrator accounts.

What To Do

Search for Exposure

Look for prior exposure to the following Confluence vulnerabilities:

- CVE-2019-3398
- CVE-2019-3396
- CVE-2022-26134
- CVE-2021-26084

Look for "confirmed exposure" with:

- CM App: Vulnerability Detection for Your Portfolio
- Insurance App: Vulnerability Detection for Your Clients
- SPM App: Vulnerability Detection Report

Security Update

Refer to the instructions provided by Atlassian to update your environment.

Resources

- Atlassian, "CVE-2023-22515 - Broken Access Control Vulnerability in Confluence Data Center and Server"
- GitHub, Inc. "CVE-2023-22515 Exploit Script"
- NIST, "NVD CVE-2023-22515 Detail"
- Rapid7, "Technical Analysis"

October 23, 2023: Updated advisory.
October 18, 2023: Published.