Skip to main content
Customer Support Customer Support

Atlassian patches critical Confluence zero-day exploited in attacks

  • October 4, 2023
  • 1 reply
  • 12 views
Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

October 4, 2023 By Sergiu Gatlan

 

Atlassian

Australian software company Atlassian released emergency security updates to fix a maximum severity zero-day vulnerability in its Confluence Data Center and Server software, which has been exploited in attacks.

"Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances," the company said.

"Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."

Tracked as CVE-2023-22515, this critical privilege escalation flaw affects Confluence Data Center and Server 8.0.0 and later and is described as being remotely exploitable in low-complexity attacks that don't require user interaction.

 

>> Full Article <<

    ProTruckDriver
    Jasper_The_Rasper
    TripleHelix

    1 reply

    TripleHelix
    Moderator
    Forum|alt.badge.img+63
    • TripleHelix
    • Moderator
    • October 31, 2023

    Atlassian warns of critical Confluence flaw leading to data loss

     

    October 31, 2023

     

    Atlassian

    Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful exploitation.

    Described as an improper authorization vulnerability affecting all versions of Confluence Data Center and Confluence Server software, the bug is tracked as CVE-2023-22518 and puts publicly accessible instances at critical risk.

    While threat actors could use the flaw to destroy data on affected servers, the bug doesn't impact confidentiality as it can't be exploited to exfiltrate instance data. Atlassian Cloud sites accessed via an atlassian.net domain are also unaffected by this vulnerability.

    "As part of our continuous security assessment processes, we have discovered that Confluence Data Center and Server customers are vulnerable to significant data loss if exploited by an unauthenticated attacker," said Bala Sathiamurthy, Atlassian's Chief Information Security Officer (CISO).

    "There are no reports of active exploitation at this time; however, customers must take immediate action to protect their instances."

    The company fixed the critical CVE-2023-22518 vulnerability in Confluence Data Center and Server versions 7.19.16, 8.3.4, 8.4.4, 8.5.3, and 8.6.1.

    Atlassian warned admins to upgrade to a fixed version immediately and, if that isn't possible, to apply mitigation measures, including backing up unpatched instances and blocking Internet access until they're upgraded.

     

    Full Article

    Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
    ProTruckDriver
    Jasper_The_Rasper
    TripleHelix
    Terms & ConditionsAccessibility statement