News

Critical: RCE Vulnerability in Confluence Data Center and Server

Giulio Saggin
Giulio Saggin
Thursday, 18 January 2024
Critical: RCE Vulnerability in Confluence Data Center and Server
Image: Marek Piwnicki (unsplash)

Atlassian has issued a security advisory regarding a critical Remote Code Execution (RCE) vulnerability identified as CVE-2023-22527 in out-of-date versions of Confluence Data Center and Confluence Server. This security flaw poses a significant risk, allowing an unauthenticated attacker to exploit a template injection vulnerability and achieve RCE on affected versions.

Summary of Vulnerability:

  • CVE ID:

    CVE-2023-22527

  • Affected Products:

    • Confluence Data Center

    • Confluence Server

  • Advisory Release Date:

    Tue, Jan 16, 2024 01:00 EST

  • Severity:

    Critical (10.0) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details:This template injection vulnerability affects out-of-date versions of Confluence Data Center and Server, specifically versions 8 released before Dec. 5, 2023, and version 8.4.5, which no longer receives backported fixes. Immediate action is required by affected customers to patch their installations to the latest versions.

What You Need To Do:

  • Affected Versions:

    • Confluence Data Center and Server: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3

  • Immediate Action:

    • Patch each affected installation to the latest version available.

    • Latest Versions: 8.5.4 (LTS), 8.5.5 (LTS) for Data Center and Server.

Mitigations: Unfortunately, there are no known workarounds for this vulnerability. The only solution is to update each affected product installation to the latest version.

Acknowledgments: This vulnerability was responsibly disclosed by Petrus Viet and reported via Atlassian's Bug Bounty program.

Support: For further assistance or if you did not receive an email advisory, visit Atlassian Support.

Frequently Asked Questions (FAQ):Additional details and clarifications can be found on the FAQ page.

References:

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203