Exploited
critical
10
CWE
20
Advisory Published
Updated

CVE-2023-22515: Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

First published: Wed Oct 04 2023(Updated: )

Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Credit: security@atlassian.com security@atlassian.com security@atlassian.com

Affected SoftwareAffected VersionHow to fix
Atlassian Confluence Data Center>=8.0.0<8.3.3
Atlassian Confluence Data Center>=8.4.0<8.4.3
Atlassian Confluence Data Center>=8.5.0<8.5.2
Atlassian Confluence Server>=8.0.0<8.3.3
Atlassian Confluence Server>=8.4.0<8.4.3
Atlassian Confluence Server>=8.5.0<8.5.2
Atlassian Confluence Data Center and Server

Remedy

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

  • What is CVE-2023-22515?

    CVE-2023-22515 is a privilege escalation vulnerability in Atlassian Confluence Data Center and Server, which allows external attackers to create unauthorized Confluence administrator accounts and gain access to the system.

  • How severe is CVE-2023-22515?

    CVE-2023-22515 has a critical severity rating with a severity value of 10.

  • Who is affected by CVE-2023-22515?

    Users of Atlassian Confluence Data Center and Server versions are affected by CVE-2023-22515.

  • How can attackers exploit CVE-2023-22515?

    Attackers can exploit CVE-2023-22515 by exploiting a vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized administrator accounts and gain unauthorized access to Confluence.

  • Is there a fix for CVE-2023-22515?

    Yes, Atlassian has released security updates to address CVE-2023-22515. It is recommended to update to the latest version of Confluence Data Center and Server to mitigate the vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203