CVE-2023-22526

🗓️ 16 Jan 2024 05:00:00Reported by atlassianType

High severity RCE vulnerability in Confluence Data Center 7.19.0 version, CVSS Score 7.2, requires immediate upgrade

Reporter	Title	Published	Views	Family All 17
BDU FSTEC	The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date center, related to insufficient validation of input data, allows a hacker to execute arbitrary code.	25 Jan 202400:00	–	bdu_fstec
Circl	CVE-2023-22526	16 Jan 202406:26	–	circl
CNNVD	Atlassian Confluence Security Vulnerability	16 Jan 202400:00	–	cnnvd
Tenable Nessus	Atlassian Confluence < 7.19.17 / 8.0.x < 8.5.5 / 8.6.x < 8.7.2 (CONFSERVER-93516)	19 Jan 202400:00	–	nessus
Tenable Nessus	Atlassian Confluence 7.13.x < 7.19.17 Remote Code Execution	19 Jan 202400:00	–	nessus
Tenable Nessus	Atlassian Confluence 8.x < 8.5.5 Remote Code Execution	19 Jan 202400:00	–	nessus
Tenable Nessus	Atlassian Confluence 8.6.x < 8.7.2 Remote Code Execution	19 Jan 202400:00	–	nessus
Atlassian	RCE (Remote Code Execution) in Confluence Data Center and Server	5 Dec 202319:33	–	atlassian
CVE	CVE-2023-22526	16 Jan 202405:00	–	cve
EUVD	EUVD-2023-26666	3 Oct 202520:07	–	euvd

[
  {
    "vendor": "Atlassian",
    "product": "Confluence Data Center",
    "versions": [
      {
        "version": "< 7.13.0",
        "status": "unaffected"
      },
      {
        "version": ">= 7.13.0",
        "status": "affected"
      },
      {
        "version": ">= 7.19.0",
        "status": "affected"
      },
      {
        "version": ">= 8.0.0",
        "status": "affected"
      },
      {
        "version": ">= 8.1.0",
        "status": "affected"
      },
      {
        "version": ">= 8.2.0",
        "status": "affected"
      },
      {
        "version": ">= 8.3.0",
        "status": "affected"
      },
      {
        "version": ">= 8.4.0",
        "status": "affected"
      },
      {
        "version": ">= 8.5.0",
        "status": "affected"
      },
      {
        "version": ">= 8.6.0",
        "status": "affected"
      },
      {
        "version": ">= 8.7.1",
        "status": "affected"
      },
      {
        "version": ">= 7.19.17",
        "status": "unaffected"
      },
      {
        "version": ">= 8.5.5",
        "status": "unaffected"
      },
      {
        "version": ">= 8.7.2",
        "status": "unaffected"
      }
    ]
  }
]

Source	Link
confluence	www.confluence.atlassian.com/pages/viewpage.action
jira	www.jira.atlassian.com/browse/CONFSERVER-93516

16 Jan 2024 18:00Current

9.1High risk

Vulners AI Score9.1

CVSS 37.2

EPSS0.01565