CVE-2023-22518: Atlassian Confluence Data Center and Server Improper

Atlassian Confluence Data Center and Server Improper Authorization Vulnerability. Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.

• CISA KEV-listed (remediation due 2023-11-28)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Detection rules

• CVE-2023-22518 Exploitation Attempt - Suspicious Confluence Child Process (Linux) high
• CVE-2023-22518 Exploitation Attempt - Suspicious Confluence Child Process (Windows) medium
• CVE-2023-22518 Exploitation Attempt - Vulnerable Endpoint Connection (Proxy) medium
• CVE-2023-22518 Exploitation Attempt - Vulnerable Endpoint Connection (Webserver) medium

Browse the CVE database

Read the full analysis on IntelFusions