- October 23, 2023: Updated advisory.
- October 18, 2023: Published.
Certain versions of Atlassian Confluence Data Center and Server have a zero-day vulnerability [CVE-2023-22515]. Successful exploitation allows malicious cyber threat actors to create a new administrator account on the target Confluence server, which can lead to a total loss of integrity and confidentiality of the data held in the server.
- Rated as critical by Atlassian. Atlassian Confluence has a large market share, further increasing this vulnerability’s notoriety.
- CISA, FBI, and MS-ISAC expect widespread, continued exploitation due to ease of exploitation.
- Rated as CRITICAL by the National Vulnerability Database (NVD) since it enables the creation of unauthorized administrator accounts.
What To Do
Search for Exposure
- Look for prior exposure to the following Confluence vulnerabilities:
- Look for “confirmed exposure” with:
Refer to the instructions provided by Atlassian to update your environment.