November 6, 2023 By Pierluigi Paganini
Experts warn threat actors that started exploiting a recent critical flaw CVE-2023-22518 in Confluence Data Center and Confluence Server.
Over the weekend threat actors started exploiting a recently disclosed vulnerability (CVE-2023-22518) in all versions of Atlassian Confluence Data Center and Confluence Server.
Atlassian last week warned of the CVE-2023-22518 (CVSS score 9.1), the issue is an improper authorization issue that can lead to significant data loss if exploited by an unauthenticated attacker.
“As part of our continuous security assessment processes, we have discovered that Confluence Data Center and Server customers are vulnerable to significant data loss if exploited by an unauthenticated attacker.” reads the advisory.