Critical Confluence Vulnerability Puts Data at Risk: Atlassian Urges Immediate Patching

by | Nov 1, 2023 | News


Atlassian has issued an urgent warning to administrators to promptly patch Internet-exposed instances of Confluence due to a critical security vulnerability that could result in data loss if exploited.

This vulnerability is described as an improper authorization flaw and affects all versions of Confluence Data Center and Confluence Server software. Tracked as CVE-2023-22518, the bug poses a significant risk to publicly accessible instances.

Although this vulnerability could potentially be exploited by threat actors to destroy data on affected servers, it does not impact data confidentiality, and it cannot be used to steal instance data. Atlassian Cloud sites accessed via an atlassian.net domain remain unaffected by this vulnerability.

Bala Sathiamurthy, Atlassian’s Chief Information Security Officer (CISO), stated, “There are no reports of active exploitation at this time; however, customers must take immediate action to protect their instances.”


To address this issue, Atlassian has released fixes for Confluence Data Center and Server versions 7.19.16, 8.3.4, 8.4.4, 8.5.3, and 8.6.1.

Admins are strongly advised to upgrade to one of these fixed versions as soon as possible. If immediate patching is not feasible, mitigation measures should be applied. These include backing up unpatched instances and blocking Internet access until the instances can be updated.

Atlassian stressed that publicly accessible instances, even those with user authentication, should be restricted from external network access until they can be patched.
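To turn the upgrade advice above into something an administrator can run against an inventory, the following added example (not code from Atlassian or from the article) classifies installed Confluence Data Center/Server versions against the five fixed releases the advisory lists. The hostnames and versions in the sample inventory are constructed, and treating any release newer than 8.6.1 as already fixed is an assumption made by the example, not a statement from the page.

```python
# Added example (not Atlassian's code): triage Confluence versions against
# the fixed releases named in the CVE-2023-22518 advisory.
import re

# Fixed versions quoted in the advisory, keyed by release branch (major, minor).
FIXED_VERSIONS = {
    (7, 19): (7, 19, 16),
    (8, 3): (8, 3, 4),
    (8, 4): (8, 4, 4),
    (8, 5): (8, 5, 3),
    (8, 6): (8, 6, 1),
}

NEWEST_FIX = max(FIXED_VERSIONS.values())  # (8, 6, 1)


def parse_version(text):
    """Parse 'X.Y.Z' (tolerating a trailing label such as ' LTS') into a tuple."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised Confluence version string: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def assess(version_text):
    """Return 'fixed', 'upgrade-within-branch' or 'upgrade-to-fixed-branch'."""
    v = parse_version(version_text)
    branch = v[:2]
    if branch in FIXED_VERSIONS:
        # Same branch as a listed fix: compare patch level directly.
        return "fixed" if v >= FIXED_VERSIONS[branch] else "upgrade-within-branch"
    # Assumption: releases newer than the newest listed fix include the fix.
    if v > NEWEST_FIX:
        return "fixed"
    # Branches with no listed fix (e.g. 7.18.x, 8.0.x to 8.2.x) have no
    # in-branch patch; the only remedy is moving to a fixed branch.
    return "upgrade-to-fixed-branch"


def recommended_target(version_text):
    """Suggest the listed fixed release an unpatched instance should move to."""
    v = parse_version(version_text)
    branch = v[:2]
    if branch in FIXED_VERSIONS:
        return ".".join(map(str, FIXED_VERSIONS[branch]))
    # Otherwise pick the lowest listed fixed release newer than what is installed.
    candidates = sorted(f for f in FIXED_VERSIONS.values() if f > v)
    return ".".join(map(str, candidates[0])) if candidates else None


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "wiki-prod.example.internal": "8.5.1",
    "wiki-legacy.example.internal": "7.18.3",
    "wiki-dev.example.internal": "8.6.1",
    "wiki-eu.example.internal": "8.1.4",
}


def triage(inventory):
    """Map host -> (status, fixed release to upgrade to, or None if already fixed)."""
    result = {}
    for host, ver in inventory.items():
        status = assess(ver)
        result[host] = (status, None if status == "fixed" else recommended_target(ver))
    return result


if __name__ == "__main__":
    for host, (status, target) in triage(SAMPLE_INVENTORY).items():
        print(f"{host:32} {SAMPLE_INVENTORY[host]:8} {status:26} -> {target or 'no action'}")
```

Instances that come back as anything other than `fixed` are the ones the advisory says to back up and cut off from the Internet until the upgrade lands; the script only reads a version inventory and never touches the servers themselves.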

Earlier this month, CISA, FBI, and MS-ISAC issued a warning urging network administrators to promptly patch Atlassian Confluence servers due to an actively exploited privilege escalation vulnerability, CVE-2023-22515.

Microsoft revealed that the Chinese-backed Storm-0062 (aka DarkShadow or Oro0lxy) threat group had been exploiting this flaw as a zero-day since at least September 14, 2023.

Given that Confluence servers have previously been targeted in widespread attacks involving Linux botnet malware, cryptocurrency miners, and ransomware such as AvosLocker and Cerber2021, patching these vulnerabilities promptly is of utmost importance.


Source: bleepingcomputer.com
