Lucene search
+L

20 matches found

GithubExploit
GithubExploit
added 2025/05/05 2:12 a.m.312 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

Exploit-CVE-2023-22518 CVE-2023-22518 in Confluence CVE-2023-22...

10CVSS9.9AI score0.99999EPSS
Exploits14
The Hacker News
The Hacker News
added 2024/04/17 10:57 a.m.70 views

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber aka C3RB3R ransomware. The attacks leverage CVE-2023-22518 CVSS score: 9.1, a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated...

10CVSS9.6AI score0.99999EPSS
Exploits14
The Hacker News
The Hacker News
added 2024/03/22 11:28 a.m.59 views

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its...

10CVSS9.3AI score0.99999EPSS
Exploits48
Rapid7 Blog
Rapid7 Blog
added 2023/12/22 4:32 p.m.123 views

Metasploit Weekly Wrap-Up

Getting Looney with Privilege Escalation As if Metasploit couldn’t get any loonier, this release adds a brand new exploit module for Glibc Tunables Privilege Escalation aka Looney Tunables. Now, using linux/local/glibctunablesprivesc, you can check your target’s glibc version to see if it’s...

7.5CVSS8.8AI score0.99999EPSS
Exploits46
Packet Storm
Packet Storm
added 2023/12/19 12:0 a.m.443 views

Atlassian Confluence Improper Authorization / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE CVE-2023-22518', 'Description' = %q This Improper...

10CVSS7.4AI score0.99999EPSS
Exploits14
Metasploit
Metasploit
added 2023/12/18 7:51 p.m.474 views

Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE (CVE-2023-22518)

This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator. This module...

10CVSS9.8AI score0.99999EPSS
Exploits14
GithubExploit
GithubExploit
added 2023/11/20 6:58 p.m.96 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

CVE-2023-22518 - Vulnerabilidad en Confluence Descripción...

10CVSS9.8AI score0.99999EPSS
Exploits14
The Hacker News
The Hacker News
added 2023/11/10 8:58 a.m.115 views

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers

Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying...

10CVSS9.7AI score0.99999EPSS
Exploits48
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/11/10 12:0 a.m.65 views

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations...

7.5CVSS9.7AI score0.99999EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2023/11/08 12:0 a.m.39 views

Atlassian Confluence Authentication Bypass (CONFSERVER-93142) (Direct Check)

Binary data confluencecve-2023-22518.nbin...

10CVSS9.8AI score0.99999EPSS
Exploits14References3
The Hacker News
The Hacker News
added 2023/11/07 7:14 a.m.145 views

Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws

Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for...

10CVSS10AI score0.99999EPSS
Exploits79
Rapid7 Blog
Rapid7 Blog
added 2023/11/06 3:31 p.m.180 views

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Daniel Lydon and Conor Quinn contributed attacker behavior insights to this blog. As of November 5, 2023, Rapid7 Managed Detection and Response MDR is observing exploitation of Atlassian Confluence in multiple customer environments, including for ransomware deployment. We have confirmed that at...

7.5CVSS9.9AI score0.99999EPSS
Exploits48
GithubExploit
GithubExploit
added 2023/11/05 6:45 a.m.114 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

CVE-2023-22518 An Exploitation tool to exploit the confluence...

10CVSS9.9AI score0.99999EPSS
Exploits29
NVD
NVD
added 2023/10/31 3:15 p.m.27 views

CVE-2023-22518

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perfo...

10CVSS9.7AI score0.99999EPSS
Exploits14References4
Vulnrichment
Vulnrichment
added 2023/10/31 2:30 p.m.11 views

CVE-2023-22518

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perfo...

10CVSS9.6AI score0.99999EPSS
Exploits14References3
CVE
CVE
added 2023/10/31 2:30 p.m.559 views

CVE-2023-22518

CVE-2023-22518 (Confluence DC/Server): An improper authorization vulnerability allowed an unauthenticated attacker to reset Confluence and create an instance administrator, enabling full admin control and potential data loss. Affected products include Confluence Data Center (all versions) and Con...

10CVSS9.4AI score0.99999EPSS
In wildExploits14References4Affected Software1
Circl
Circl
added 2023/10/31 9:5 a.m.10 views

CVE-2023-22518

creationtimestamp| type| source ---|---|--- 2023-10-31 09:05:21+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus22/2023 2023-10-31 10:09:56+00:00| seen| https://www.cert.at/de/warnungen/2023/10/confluence-cve-2023-22518 2023-10-31 11:23:30+00:00| seen|...

10CVSS8.6AI score0.99999EPSS
In wildExploits14References85
GithubExploit
GithubExploit
added 2023/10/31 5:35 a.m.189 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

CVE-2023-22518 Improper Authorization Vulnerability in Conflue...

10CVSS9.8AI score0.99999EPSS
Exploits48
GithubExploit
GithubExploit
added 2023/10/31 5:35 a.m.172 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

CVE-2023-22518 Improper Authorization Vulnerability in Conflue...

10CVSS9.8AI score0.99999EPSS
Exploits48
Tenable Nessus
Tenable Nessus
added 2023/10/31 12:0 a.m.74 views

Atlassian Confluence < 7.19.16 / 8.x < 8.3.4 / 8.4.x < 8.4.4 / 8.5.x < 8.5.3 / 8.6.x < 8.6.1 (CONFSERVER-93142)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-93142 advisory. - Improper Authorization in Confluence Data Center and Server CVE-2023-22518 Note that Nessus has not tested for this issue but has instead relied...

10CVSS8.7AI score0.99999EPSS
Exploits14References3
Rows per page
Query Builder