Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2023-22518
HistoryOct 31, 2023 - 2:30 p.m.

CVE-2023-22518

2023-10-3114:30:00
atlassian
raw.githubusercontent.com
3
confluence
data center
server
vulnerability
unauthorized access
administrative actions
data compromise
atlassian
cloud sites

6.4 Medium

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.

Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Related

talosblog 1
nuclei 1
githubexploit 8
hivepro 1
nessus 2
zdt 1
cisa_kev 1
trendmicroblog 1
prion 1
metasploit 1
packetstorm 1
attackerkb 1
thn 5
cve 1
malwarebytes 1
wallarmlab 2
impervablog 1
rapid7blog 3
qualysblog 1
talosblog
talosblog
A new video series, Google Forms spam and the various gray areas of cyber attacks
2023-11-09 19:00:43
nuclei
nuclei
Atlassian Confluence Server - Improper Authorization
2023-11-02 18:36:47
githubexploit
githubexploit
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2023-11-28 03:33:16
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2024-01-23 13:38:40
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2023-10-31 05:35:00
hivepro
hivepro
Atlassian’s Latest Critical Confluence Flaw Poses Risk of Data Loss
2023-11-01 12:39:26
nessus
nessus
Atlassian Confluence Authentication Bypass (CONFSERVER-93142) (Direct Check)
2023-11-08 00:00:00
Atlassian Confluence < 7.19.16 / 8.x < 8.3.4 / 8.4.x < 8.4.4 / 8.5.x < 8.5.3 / 8.6.x < 8.6.1 (CONFSERVER-93142)
2023-10-31 00:00:00
zdt
zdt
Atlassian Confluence Improper Authorization / Code Execution Exploit
2023-12-19 00:00:00
cisa_kev
cisa_kev
Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
2023-11-07 00:00:00
trendmicroblog
trendmicroblog
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
2023-11-10 00:00:00
prion
prion
Authorization
2023-10-31 15:15:00
metasploit
metasploit
Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE (CVE-2023-22518)
2023-11-22 03:14:27
packetstorm
packetstorm
Atlassian Confluence Improper Authorization / Code Execution
2023-12-19 00:00:00
attackerkb
attackerkb
CVE-2023-22518
2023-10-31 00:00:00
thn
thn
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
2024-04-17 10:57:00
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
2023-11-10 08:58:00
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
2023-10-31 11:16:00
cve
cve
CVE-2023-22518
2023-10-31 15:15:08
malwarebytes
malwarebytes
[updated] Atlassian: &#8220;Take immediate action&#8221; to patch your Confluence Data Center and Server instances
2023-11-02 12:54:23
wallarmlab
wallarmlab
Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)
2023-11-10 22:27:33
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
2024-01-30 18:40:35
impervablog
impervablog
Imperva customers are protected against CVE-2023-22518 in Confluence Data Center and Server
2023-11-03 22:58:05
rapid7blog
rapid7blog
Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518
2023-11-06 15:31:47
Metasploit Weekly Wrap-Up
2023-12-22 16:32:56
Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server
2024-01-19 15:40:43
qualysblog
qualysblog
Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk
2024-03-25 15:44:18

6.4 Medium

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON
Related for CVELIST:CVE-2023-22518
talosblog1nuclei1githubexploit8hivepro1nessus2zdt1cisa_kev1trendmicroblog1prion1metasploit1packetstorm1attackerkb1thn5cve1malwarebytes1wallarmlab2impervablog1rapid7blog3qualysblog1