Vulners
Lucene search
CVE-2023-22515
🗓️ 04 Oct 2023 14:00:00Reported by atlassianType 
cve🔗 web.nvd.nist.gov📰️ 13 Media mentions👁 888 Views🌐 WEB
10
Node
OROROROROR
[
{
"vendor": "Atlassian",
"product": "Confluence Data Center",
"versions": [
{
"version": "< 8.0.0",
"status": "unaffected"
},
{
"version": ">= 8.0.0",
"status": "affected"
},
{
"version": ">= 8.0.1",
"status": "affected"
},
{
"version": ">= 8.0.2",
"status": "affected"
},
{
"version": ">= 8.0.3",
"status": "affected"
},
{
"version": ">= 8.1.3",
"status": "affected"
},
{
"version": ">= 8.1.4",
"status": "affected"
},
{
"version": ">= 8.2.0",
"status": "affected"
},
{
"version": ">= 8.2.1",
"status": "affected"
},
{
"version": ">= 8.2.2",
"status": "affected"
},
{
"version": ">= 8.2.3",
"status": "affected"
},
{
"version": ">= 8.3.0",
"status": "affected"
},
{
"version": ">= 8.3.1",
"status": "affected"
},
{
"version": ">= 8.3.2",
"status": "affected"
},
{
"version": ">= 8.4.0",
"status": "affected"
},
{
"version": ">= 8.4.1",
"status": "affected"
},
{
"version": ">= 8.4.2",
"status": "affected"
},
{
"version": ">= 8.5.0",
"status": "affected"
},
{
"version": ">= 8.5.1",
"status": "affected"
},
{
"version": ">= 8.3.3",
"status": "unaffected"
},
{
"version": ">= 8.4.3",
"status": "unaffected"
},
{
"version": ">= 8.5.2",
"status": "unaffected"
}
]
},
{
"vendor": "Atlassian",
"product": "Confluence Server",
"versions": [
{
"version": "< 8.0.0",
"status": "unaffected"
},
{
"version": ">= 8.0.0",
"status": "affected"
},
{
"version": ">= 8.0.1",
"status": "affected"
},
{
"version": ">= 8.0.2",
"status": "affected"
},
{
"version": ">= 8.0.3",
"status": "affected"
},
{
"version": ">= 8.1.3",
"status": "affected"
},
{
"version": ">= 8.1.4",
"status": "affected"
},
{
"version": ">= 8.2.0",
"status": "affected"
},
{
"version": ">= 8.2.1",
"status": "affected"
},
{
"version": ">= 8.2.2",
"status": "affected"
},
{
"version": ">= 8.2.3",
"status": "affected"
},
{
"version": ">= 8.3.0",
"status": "affected"
},
{
"version": ">= 8.3.1",
"status": "affected"
},
{
"version": ">= 8.3.2",
"status": "affected"
},
{
"version": ">= 8.4.0",
"status": "affected"
},
{
"version": ">= 8.4.1",
"status": "affected"
},
{
"version": ">= 8.4.2",
"status": "affected"
},
{
"version": ">= 8.5.0",
"status": "affected"
},
{
"version": ">= 8.5.1",
"status": "affected"
},
{
"version": ">= 8.3.3",
"status": "unaffected"
},
{
"version": ">= 8.4.3",
"status": "unaffected"
},
{
"version": ">= 8.5.2",
"status": "unaffected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| bootstrapStatusProvider.applicationConfig.setupComplete | query param | /server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=false | Authentication bypass to reopen setup mode via server-info action. | CWE-20 |
| username | request body | /setup/setupadministrator.action | Create a new administrator account during setup bypass. | CWE-20 |
| fullName | request body | /setup/setupadministrator.action | Create a new administrator account during setup bypass. | CWE-20 |
| request body | /setup/setupadministrator.action | Create a new administrator account during setup bypass. | CWE-20 | |
| password | request body | /setup/setupadministrator.action | Create a new administrator account during setup bypass. | CWE-20 |
| confirm | request body | /setup/setupadministrator.action | Create a new administrator account during setup bypass. | CWE-20 |
| setup-next-button | request body | /setup/setupadministrator.action | Create a new administrator account during setup bypass. | CWE-20 |
| username | query param | /rest/api/user?username= | Validate login as newly created admin via REST API. | CWE-20 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 05:35Current
7.4High risk
Vulners AI Score7.4
CVSS 3.19.8
CVSS 310
EPSS0.99699
SSVC