10.16.2023

CVE-2023-22515 Alert

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 10/16/2023

Action Level - Critical - CVE Score: 10/10

Description

As part of our Edgeguard service, MCNC would like to make you aware of new threats affecting Atlassian Confluence server. The Cybersecurity and Infrastructure Security Agency (CISA) published an article on 10/16/2023 concerning a critical vulnerability in the Atlassian Confluence Ticketing Platform. The vulnerability has been reported as CVE-2023-22515; the vulnerability exists in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. Further information concerning the vulnerability can be found at CISA’s site and at Atlassian's site as well.

Affected Device/Software

Atlassian Confluence servers running the affected versions listed as well as those not hosted by Atlassian. The vulnerability affects the following versions of Confluence: 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.1.0, 8.1.1, 8.1.3, 8.1.4, 8.2.0, 8.2.1, 8.2.2, 8.2.3, 8.3.0, 8.3.1, 8.3.2, 8.4.0, 8.4.1, 8.4.2, 8.5.0, 8.5.1. 

Attack Vector

The vulnerability is triggered via a request on the unauthenticated /server-info.action endpoint.

Attack Feasibility

This attack can be performed if you have any of the vulnerable Atlassian Confluence Data Center and Server versions publicly accessible from the internet.

Remediation

Remediation steps can be found here at Atlassian’s site.

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC