I noticed many scans for “/server-info.action” showing up in our “First Seen URLs” report. This URL didn’t ring a bell at first but may be associated with CVE-2023-22515, a recent vulnerability in Confluence Server and Data Center.
Article Link: https://isc.sans.edu/diary/rss/30342