Lucene search
+L

38 matches found

redhatcve
redhatcve
added 2025/05/23 4:45 a.m.14 views

CVE-2023-22527

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server...

10CVSS9.8AI score0.99984EPSS
Exploits32References1
githubexploit
githubexploit
added 2024/10/06 3:16 p.m.423 views

Exploit for Injection in Atlassian Confluence_Data_Center

CVE-2023-22527 CVE-2023-22527 | RCE using SSTI in Confluence...

10CVSS10AI score0.99984EPSS
Exploits32
thn
thn
added 2024/08/30 6:12 a.m.46 views

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances. "The attacks involve threat actors that employ methods such as the deployment of shel...

10CVSS9.6AI score0.99984EPSS
Exploits32
ptsecurity
ptsecurity
added 2024/08/30 12:0 a.m.7 views

PT-2024-19469 · Undefined · Undefined

Atlassian flaw CVE-2023-22527 exploited in Cryptomining campaigns Atlassian CVE-2024-22527 Exploitation Cryptomining https://t.co/zUtx3YRBV9...

10CVSS9.6AI score0.99984EPSS
Exploits32References1
trendmicroblog
trendmicroblog
added 2024/08/30 12:0 a.m.45 views

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor...

9.8CVSS7.2AI score0.99984EPSS
Exploits32
trendmicroblog
trendmicroblog
added 2024/08/28 12:0 a.m.45 views

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system...

9.8CVSS7.2AI score0.99984EPSS
Exploits32
packetstorm
packetstorm
added 2024/03/19 12:0 a.m.357 views

Atlassian Confluence 8.5.3 Remote Code Execution

Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Date: 25/1/2024 Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Teste...

10CVSS7.4AI score0.99984EPSS
Exploits32
zdt
zdt
added 2024/03/18 12:0 a.m.419 views

Atlassian Confluence < 8.5.3 - Remote Code Execution Exploit

Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Tested on: 8.5.3 CVE ...

9.8CVSS7.2AI score0.99984EPSS
Exploits32
exploitdb
exploitdb
added 2024/03/18 12:0 a.m.386 views

Atlassian Confluence &lt; 8.5.3 - Remote Code Execution

Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Date: 25/1/2024 Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Teste...

10CVSS9.8AI score0.99984EPSS
Exploits32
thn
thn
added 2024/03/11 9:53 a.m.71 views

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitatio...

10CVSS10AI score0.99984EPSS
Exploits73
impervablog
impervablog
added 2024/02/21 9:28 a.m.92 views

Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery

On January 16, 2024, Atlassian disclosed a critical vulnerability affecting Confluence Data Center and Confluence Server, tracked as CVE-2023-22527. The vulnerability is an unauthenticated OGNL injection bug, allowing unauthenticated attackers to execute Java expressions, invoke methods, navigate...

9.3CVSS9.5AI score0.99999EPSS
Exploits497
thn
thn
added 2024/02/16 3:42 p.m.104 views

CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD software to its Known Exploited Vulnerabilities KEV catalog, following reports that it's being likely...

10CVSS9AI score0.99984EPSS
Exploits32
rapid7blog
rapid7blog
added 2024/02/15 7:38 p.m.9 views

RCE to Sliver: IR Tales from the Field

Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the sourc...

10CVSS10AI score0.99984EPSS
Exploits32
rapid7blog
rapid7blog
added 2024/02/15 7:38 p.m.53 views

RCE to Sliver: IR Tales from the Field

Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the sourc...

7.5CVSS8.6AI score0.99984EPSS
Exploits32
trendmicroblog
trendmicroblog
added 2024/02/07 12:0 a.m.60 views

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution...

9.8CVSS7.8AI score0.99984EPSS
Exploits32
zdt
zdt
added 2024/01/29 12:0 a.m.568 views

Atlassian Confluence SSTI Injection Exploit

This Metasploit module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable. This module requires...

9.8CVSS7.6AI score0.99984EPSS
Exploits32
packetstorm
packetstorm
added 2024/01/26 12:0 a.m.365 views

Atlassian Confluence SSTI Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence SSTI Injection', 'Description' = %q This module exploits an SSTI injection in Atlassian Confluence servers. A specially...

10CVSS7.4AI score0.99984EPSS
Exploits32
metasploit
metasploit
added 2024/01/25 7:50 p.m.587 views

Atlassian Confluence SSTI Injection

This module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable. Module Options msf use...

10CVSS8.6AI score0.99984EPSS
Exploits32
githubexploit
githubexploit
added 2024/01/25 10:52 a.m.427 views

Exploit for Injection in Atlassian Confluence_Data_Center

CVE-2023-22527 CVE-2023-22527 - RCE Remote Code Execution...

10CVSS9.9AI score0.99984EPSS
Exploits32
githubexploit
githubexploit
added 2024/01/25 5:32 a.m.390 views

Exploit for Injection in Atlassian Confluence_Data_Center

CVE-2023-22527: Atlassian Confluence Vulnerability Introdu...

10CVSS9.8AI score0.99984EPSS
Exploits32
Rows per page
Query Builder