Lucene search

K
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CONFLUENCE_CVE_2023_22515.NBIN
HistoryOct 12, 2023 - 12:00 a.m.

Atlassian Confluence 8.x < 8.3.3 / 8.4.x < 8.4.3 / 8.5.x < 8.5.2 (CONFSERVER-92475) (Direct Check)

2023-10-1200:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
40
atlassian confluence
version 8.x
security vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.974

Percentile

99.9%

The Atlassian Confluence Server running on the remote host has a confirmed vulnerability as referenced in the CONFSERVER-92475 advisory.

  • Privilege Escalation in Confluence Data Center and Server - CVE-2023-22515 (CVE-2023-22515)
Binary data confluence_cve_2023_22515.nbin

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.974

Percentile

99.9%