Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
trendmicroblogJagir ShastriTRENDMICROBLOG:ABA19756285C9635C811A1DE0B7DBB0E
HistoryFeb 07, 2024 - 12:00 a.m.

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

2024-02-0700:00:00
Jagir Shastri
www.trendmicro.com
9
atlassian
confluence
cve-2023-22527
remote code execution
cvss 10

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.974 High

EPSS

Percentile

99.9%

JSON

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.

Related

hivepro 2
githubexploit 17
exploitdb 1
packetstorm 2
nessus 1
zdt 2
cisa_kev 1
thn 4
prion 1
metasploit 1
attackerkb 1
rapid7blog 3
nuclei 1
cve 1
atlassian 1
impervablog 2
wallarmlab 1
openvas 1
avleonov 1
hivepro
hivepro
Attacks, Vulnerabilities and Actors 22 January to 28 January 2024
2024-01-29 14:47:47
Critical RCE Flaw in Atlassian Confluence Sparks Active Exploitation
2024-01-24 13:24:06
githubexploit
githubexploit
Exploit for Injection in Atlassian Confluence Data Center
2024-01-23 09:28:53
Exploit for Injection in Atlassian Confluence Data Center
2024-01-23 08:06:15
Exploit for Injection in Atlassian Confluence Data Center
2024-01-22 19:02:59
exploitdb
exploitdb
Atlassian Confluence < 8.5.3 - Remote Code Execution
2024-03-18 00:00:00
packetstorm
packetstorm
Atlassian Confluence SSTI Injection
2024-01-26 00:00:00
Atlassian Confluence 8.5.3 Remote Code Execution
2024-03-19 00:00:00
nessus
nessus
Atlassian Confluence < 8.5.4 RCE (CONFSERVER-93833)
2024-01-16 00:00:00
zdt
zdt
Atlassian Confluence < 8.5.3 - Remote Code Execution Exploit
2024-03-18 00:00:00
Atlassian Confluence SSTI Injection Exploit
2024-01-29 00:00:00
cisa_kev
cisa_kev
Atlassian Confluence Data Center and Server Template Injection Vulnerability
2024-01-24 00:00:00
thn
thn
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation
2024-01-23 09:34:00
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
2024-03-11 09:53:00
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
2024-02-16 15:42:00
prion
prion
Template injection
2024-01-16 05:15:00
metasploit
metasploit
Atlassian Confluence SSTI Injection
2024-01-22 22:06:29
attackerkb
attackerkb
CVE-2023-22527
2024-01-16 00:00:00
rapid7blog
rapid7blog
RCE to Sliver: IR Tales from the Field
2024-02-15 19:38:59
Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server
2024-01-19 15:40:43
Metasploit Weekly Wrap-Up 01/26/24
2024-01-26 21:12:17
nuclei
nuclei
Atlassian Confluence - Remote Code Execution
2024-01-22 08:43:25
cve
cve
CVE-2023-22527
2024-01-16 05:15:08
atlassian
atlassian
RCE (Remote Code Execution) in Confluence Data Center and Server
2024-01-15 07:48:36
impervablog
impervablog
New Sysrv Botnet Variant Makes Use of Google Subdomain to Spread XMRig Miner
2024-03-20 16:56:29
Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery
2024-02-21 09:28:01
wallarmlab
wallarmlab
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
2024-01-30 18:40:35
openvas
openvas
Directory Scanner
2005-11-03 00:00:00
avleonov
avleonov
November 2023 – January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review
2024-02-01 17:07:20

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.974 High

EPSS

Percentile

99.9%

JSON
Related for TRENDMICROBLOG:ABA19756285C9635C811A1DE0B7DBB0E
hivepro2githubexploit17exploitdb1packetstorm2nessus1zdt2cisa_kev1thn4prion1metasploit1attackerkb1rapid7blog3nuclei1cve1atlassian1impervablog2wallarmlab1openvas1avleonov1