CVE-2023-22518

31.10.2023, 15:15

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available toConfluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.

Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
atlassian	CNA	10 CRITICAL				CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 99%

Vendor	Product	Version
atlassian	confluence_data_center	1.0 ≤ 𝑥 < 7.19.16
atlassian	confluence_data_center	7.20.0 ≤ 𝑥 < 8.3.4
atlassian	confluence_data_center	8.4.0 ≤ 𝑥 < 8.4.4
atlassian	confluence_data_center	8.5.0 ≤ 𝑥 < 8.5.3
atlassian	confluence_data_center	8.6.0
atlassian	confluence_server	1.0 ≤ 𝑥 < 7.19.16
atlassian	confluence_server	7.20.0 ≤ 𝑥 < 8.3.4
atlassian	confluence_server	8.4.0 ≤ 𝑥 < 8.4.4
atlassian	confluence_server	8.5.0 ≤ 𝑥 < 8.5.3
atlassian	confluence_server	8.6.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-863 - Incorrect Authorization
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References

http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html

https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907

https://jira.atlassian.com/browse/CONFSERVER-93142

http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html

https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907

https://jira.atlassian.com/browse/CONFSERVER-93142