Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
trendmicroblogSophia Nilette RoblesTRENDMICROBLOG:29DCF744F84825F8A34C977A5C1B5459
HistoryNov 10, 2023 - 12:00 a.m.

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

2023-11-1000:00:00
Sophia Nilette Robles
www.trendmicro.com
31
cerber ransomware
atlassian confluence
vulnerability exploitation
cve-2023-22518
cybersecurity
ransomware

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.971 High

EPSS

Percentile

99.7%

JSON

We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.

Related

githubexploit 8
talosblog 1
nuclei 1
nessus 2
hivepro 1
zdt 1
prion 1
cisa_kev 1
metasploit 1
attackerkb 1
packetstorm 1
thn 5
cve 1
malwarebytes 1
wallarmlab 2
impervablog 1
rapid7blog 3
qualysblog 1
githubexploit
githubexploit
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2023-11-28 03:33:16
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2023-10-31 05:35:00
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2023-11-09 06:56:18
talosblog
talosblog
A new video series, Google Forms spam and the various gray areas of cyber attacks
2023-11-09 19:00:43
nuclei
nuclei
Atlassian Confluence Server - Improper Authorization
2023-11-02 18:36:47
nessus
nessus
Atlassian Confluence Authentication Bypass (CONFSERVER-93142) (Direct Check)
2023-11-08 00:00:00
Atlassian Confluence < 7.19.16 / 8.x < 8.3.4 / 8.4.x < 8.4.4 / 8.5.x < 8.5.3 / 8.6.x < 8.6.1 (CONFSERVER-93142)
2023-10-31 00:00:00
hivepro
hivepro
Atlassian’s Latest Critical Confluence Flaw Poses Risk of Data Loss
2023-11-01 12:39:26
zdt
zdt
Atlassian Confluence Improper Authorization / Code Execution Exploit
2023-12-19 00:00:00
prion
prion
Authorization
2023-10-31 15:15:00
cisa_kev
cisa_kev
Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
2023-11-07 00:00:00
metasploit
metasploit
Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE (CVE-2023-22518)
2023-11-22 03:14:27
attackerkb
attackerkb
CVE-2023-22518
2023-10-31 00:00:00
packetstorm
packetstorm
Atlassian Confluence Improper Authorization / Code Execution
2023-12-19 00:00:00
thn
thn
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
2024-04-17 10:57:00
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
2023-10-31 11:16:00
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
2023-11-10 08:58:00
cve
cve
CVE-2023-22518
2023-10-31 15:15:08
malwarebytes
malwarebytes
[updated] Atlassian: &#8220;Take immediate action&#8221; to patch your Confluence Data Center and Server instances
2023-11-02 12:54:23
wallarmlab
wallarmlab
Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)
2023-11-10 22:27:33
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
2024-01-30 18:40:35
impervablog
impervablog
Imperva customers are protected against CVE-2023-22518 in Confluence Data Center and Server
2023-11-03 22:58:05
rapid7blog
rapid7blog
Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518
2023-11-06 15:31:47
Metasploit Weekly Wrap-Up
2023-12-22 16:32:56
Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server
2024-01-19 15:40:43
qualysblog
qualysblog
Combine Qualys TruRiskβ„’ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk
2024-03-25 15:44:18

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.971 High

EPSS

Percentile

99.7%

JSON
Related for TRENDMICROBLOG:29DCF744F84825F8A34C977A5C1B5459
githubexploit8talosblog1nuclei1nessus2hivepro1zdt1prion1cisa_kev1metasploit1attackerkb1packetstorm1thn5cve1malwarebytes1wallarmlab2impervablog1rapid7blog3qualysblog1