Published: January 23, 2024

Overview

An RCE (Remote Code Execution) vulnerability, CVE-2023-22527 (CVSS score: 10.0), has been disclosed by Atlassian in Confluence Data Center and Confluence Server. The vulnerability affects out-of-date versions of the software and allows an unauthenticated attacker to achieve remote code execution on susceptible installations. Shadowserver reported thousands of exploitation attempts against vulnerable servers in the three days preceding this advisory.

Impact

A template injection vulnerability in out-of-date versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected installation. Atlassian rates the severity of this vulnerability as critical (10.0, vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) per its internal assessment.

Applicable Versions

Product                              Affected Versions                                 Not Affected (Fixed) Versions
Confluence Data Center and Server    8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3    8.5.4 (LTS)
Confluence Data Center               8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3    8.6.0, 8.7.1 (Data Center only)

Mitigations and Workarounds

There are no known workarounds. To remediate this vulnerability, update each affected product installation to a fixed version (8.5.4 LTS for Data Center and Server; 8.6.0 or 8.7.1 for Data Center), or to the latest available release.
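Because the affected and fixed ranges above are the only remediation criterion, it helps to turn them into a repeatable check that can be run over an asset inventory. The following Python is an added example written for this advisory (not Atlassian or Netsurion code). It encodes the version table from this page, classifies any Confluence version string as affected, fixed or not listed, and flags unparsable entries. The hostnames, version strings and HTML fragment are constructed sample input, and the `ajs-version-number` meta tag it extracts the version from is an assumption about how Confluence pages expose their build version; verify it against your own instance.

```python
"""Triage Confluence Data Center / Server versions against the
CVE-2023-22527 affected and fixed ranges from Atlassian's advisory.

Added example for this advisory page; not Atlassian or Netsurion code.
"""
import re
from typing import Dict, Tuple

# Affected: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3.
# Fixed:    8.5.4 (LTS, Data Center and Server), 8.6.0 and 8.7.1 (Data Center only).
# Keyed by (major, minor) release line -> (first fixed patch level, edition note).
FIXED_BY_LINE = {
    (8, 5): (4, "Data Center and Server (LTS)"),
    (8, 6): (0, "Data Center only"),
    (8, 7): (1, "Data Center only"),
}

_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?\s*$")
# Assumption: Confluence pages embed the build version in this meta tag.
_META_RE = re.compile(r'<meta\s+name="ajs-version-number"\s+content="([^"]+)"', re.I)


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '8.5.3' (or '8.5', 'v8.5.3') into a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised Confluence version string: {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def version_from_html(html: str) -> str:
    """Extract the version from a Confluence page <head>; raises if the tag is absent."""
    m = _META_RE.search(html)
    if not m:
        raise ValueError("no ajs-version-number meta tag found")
    return m.group(1)


def classify(version: str) -> Tuple[str, str]:
    """Return (status, detail) where status is 'affected', 'fixed' or 'not listed'.

    'not listed' covers everything the advisory table does not enumerate
    (7.x lines, 8.7.0, releases newer than 8.7.1); confirm those against
    the vendor advisory rather than assuming they are safe.
    """
    major, minor, patch = parse_version(version)
    if major == 8 and (minor <= 4 or (minor == 5 and patch <= 3)):
        return "affected", "upgrade required: unauthenticated template injection RCE"
    line = FIXED_BY_LINE.get((major, minor))
    if line is not None and patch >= line[0]:
        return "fixed", line[1]
    return "not listed", "not in the advisory's affected or fixed ranges; verify manually"


def triage(inventory: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    """Classify a host -> version-string inventory; unparsable entries are flagged."""
    results = {}
    for host, version in inventory.items():
        try:
            results[host] = classify(version)
        except ValueError as exc:
            results[host] = ("unknown", str(exc))
    return results


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "wiki-prod.example.internal": "8.5.3",
    "wiki-dc.example.internal": "8.7.1",
    "wiki-old.example.internal": "8.2.0",
    "wiki-lts.example.internal": "7.19.17",
    "wiki-new.example.internal": "8.7.0",
    "wiki-broken.example.internal": "latest",
}

# Constructed page fragment carrying the (assumed) version meta tag.
SAMPLE_HTML = '<head><meta name="ajs-version-number" content="8.5.4"></head>'

if __name__ == "__main__":
    for host, (status, detail) in triage(SAMPLE_INVENTORY).items():
        print(f"{host:32} {status:11} {detail}")
    print("from html:", classify(version_from_html(SAMPLE_HTML)))
```

The check deliberately does not treat "not listed" as safe: the table only enumerates the 8.0 to 8.5.3 range and three fixed releases, so anything outside it (older LTS lines, 8.7.0, later releases) should be confirmed against the Atlassian advisory rather than inferred.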

Best Practices

Perform vulnerability assessments regularly and apply missing patches or upgrades promptly. Internet-facing Confluence instances should be prioritized, since this vulnerability requires no authentication to exploit.

Netsurion Detection and Response

Netsurion researchers are continuously monitoring exploitation of this vulnerability. Netsurion's vulnerability management system detects CVE-2023-22527 for customers who have subscribed to Netsurion Vulnerability Management.


References:

  1. https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html
  2. https://nvd.nist.gov/vuln/detail/CVE-2023-22527
  3. https://blog.projectdiscovery.io/atlassian-confluence-ssti-remote-code-execution/
  4. https://twitter.com/Shadowserver/status/1749372138685915645