Atlassian’s Confluence Data Center and Server Affected by Critical RCE Vulnerability, CVE-2023-22527: Patch Now

Atlassian is advising its customers to update their Confluence Data Center and Server to prevent the exploitation of a critical vulnerability that could potentially result in Remote Code Execution (RCE).

What Is the New Atlassian Vulnerability About? 

The critical vulnerability, tracked as CVE-2023-22527 and assigned the maximum CVSS severity rating of 10.0, is a template injection vulnerability present in older versions of Confluence Data Center and Server.

This security vulnerability could enable unauthenticated attackers to achieve Remote Code Execution (RCE) on affected instances.

(Figure: SOCRadar Vulnerability Intelligence entry for CVE-2023-22527)

The vulnerability significantly impacts all aspects of the CIA triad (Confidentiality, Integrity, and Availability). 

Threat actors have previously targeted vulnerabilities in various Atlassian products, as evidenced by CISA’s inclusion of a Confluence Data Center and Server vulnerability in its Known Exploited Vulnerabilities Catalog in November 2023. Atlassian’s CISO had issued a warning about this vulnerability in October 2023. 

In late November 2023, the company addressed a series of RCE vulnerabilities in Bamboo and Crowd Data Center and Server.

Moreover, in December, CISA emphasized the need for prompt action to address another set of critical vulnerabilities affecting different Atlassian products. 

Given the widespread use of Atlassian products in business environments, the severity of the new vulnerability (CVE-2023-22527) is also likely to attract attention from threat actors.

Stay informed about vulnerability details and trends by utilizing SOCRadar’s Vulnerability Intelligence. Access the latest updates on identified vulnerabilities, including exploits and mentions through the module on the platform:

(Figure: CVE trends and vulnerability details in SOCRadar's Vulnerability Intelligence module)

Which Confluence Data Center and Server Versions Are Affected by CVE-2023-22527?

The CVE-2023-22527 vulnerability affects the following versions of Confluence Data Center and Server:

  • 8.0.x 
  • 8.1.x 
  • 8.2.x 
  • 8.3.x 
  • 8.4.x 
  • 8.5.0 – 8.5.3

According to Atlassian's advisory, the most recent supported versions are not affected, because the issue was mitigated during regular version updates. The vulnerability specifically affects out-of-date Confluence Data Center and Server 8 versions released before December 5, 2023, as well as 8.4.5, which no longer receives backported fixes under Atlassian's Security Bug Fix Policy.

Atlassian further states that the 7.19.x LTS versions are not vulnerable to CVE-2023-22527, and neither are Atlassian Cloud sites: a Confluence site accessed via an atlassian.net domain is hosted by Atlassian and is not affected.
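When an organization runs more than a handful of Confluence instances, the affected-version list above is most useful as a triage rule that can be applied to a version inventory. The following Python script is an added example (not code from the SOCRadar post or from Atlassian); it encodes the affected ranges exactly as the advisory lists them, treats 8.5.4 and later 8.x releases as unaffected (the advisory names 8.5.4 LTS, 8.6.0 and 8.7.1 as fixed versions), and flags releases the advisory does not cover at all, such as non-LTS 7.x. The host inventory in the script is constructed sample data; the `parse_version`, `is_affected`, `classify` and `triage` names are this example's own.

```python
"""Triage Confluence Data Center/Server version strings against the
CVE-2023-22527 affected ranges published in Atlassian's advisory.

Added example: the inventory below is constructed sample data, and the
function names are this example's own, not Atlassian's or SOCRadar's.
"""


def parse_version(version: str) -> tuple[int, int, int]:
    """'8.5.3' -> (8, 5, 3). Short strings are padded so '8.5' == '8.5.0'."""
    parts = version.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Confluence version string: {version!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def is_affected(version: str) -> bool:
    """True if the version falls in the advisory's affected list:
    8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x (8.4.5 included) and 8.5.0 - 8.5.3."""
    major, minor, patch = parse_version(version)
    if major != 8:
        return False
    if 0 <= minor <= 4:
        return True
    if minor == 5:
        return patch <= 3
    return False


def classify(version: str) -> str:
    """Human-readable status for one version string."""
    major, minor, _patch = parse_version(version)
    if is_affected(version):
        # Advisory fixed versions: 8.5.4 (LTS), 8.6.0, 8.7.1 or later.
        return "AFFECTED: upgrade to 8.5.4 LTS or a later fixed release"
    if (major, minor) == (7, 19):
        return "NOT AFFECTED: 7.19.x LTS is not vulnerable per the advisory"
    if major == 8:
        return "NOT AFFECTED: 8.x release at or above the fixed versions"
    # Anything else (e.g. 7.18, 6.x) is out of support and not covered by
    # the advisory at all; treat it as a finding in its own right.
    return "NOT LISTED: release not covered by the advisory; out of support"


def triage(inventory: dict[str, str]) -> list[tuple[str, str, str]]:
    """Return (host, version, status) for every host, affected hosts first."""
    rows = [(host, ver, classify(ver)) for host, ver in inventory.items()]
    return sorted(rows, key=lambda r: (not r[2].startswith("AFFECTED"), r[0]))


def affected_hosts(inventory: dict[str, str]) -> list[str]:
    """Just the hostnames that need patching, sorted."""
    return sorted(h for h, v in inventory.items() if is_affected(v))


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "wiki-prod.example.test": "8.5.3",
    "wiki-legacy.example.test": "8.4.5",
    "wiki-dev.example.test": "8.7.1",
    "wiki-lts.example.test": "7.19.17",
    "wiki-old.example.test": "7.13.8",
}

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{host:28} {ver:8} {status}")
```

Feed the script the version strings from your own inventory (for example the value shown in each instance's footer or in your CMDB); anything it reports as AFFECTED or NOT LISTED needs an upgrade, since the advisory offers no workaround.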

Are There Any Workarounds Available? 

There are no known workarounds for the vulnerability, so upgrading is the only remediation. Atlassian advises customers to install the latest version (the advisory lists 8.5.4 LTS, 8.6.0 and 8.7.1 as fixed releases), which also addresses the non-critical vulnerabilities outlined in Atlassian's January 2024 Security Bulletin.

For additional information and guidance on updating, refer to Atlassian’s security advisory.

You can enhance your vulnerability management strategy by monitoring digital assets, identifying potential vulnerabilities affecting your organization, and receiving crucial security alerts through SOCRadar’s Attack Surface Management (ASM) module. Sign up for a free edition to experience the full capabilities of SOCRadar XTI and take a proactive step towards a robust security posture.

(Figure: Confluence Data Center and Server vulnerabilities as shown in SOCRadar's Attack Surface Management module)

The post Atlassian’s Confluence Data Center and Server Affected by Critical RCE Vulnerability, CVE-2023-22527: Patch Now appeared first on SOCRadar® Cyber Intelligence Inc.