CVE-2023-22527

Vulnerability updated 4 months ago (2024-05-04T20:34:57.355Z)

Download STIX

Preview STIX

CVE-2023-22527 is a critical vulnerability found in Atlassian's Confluence Server and Data Center. This flaw, rated 10 out of 10 on the CVSS v3 scale, is a template injection issue that allows an unauthenticated attacker to execute remote code. The vulnerability specifically affects outdated versions of Confluence Data Center and Server, namely versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0 through 8.5.3. The discovery of this vulnerability led Atlassian to release a security advisory as well as its January 2024 security bulletin addressing vulnerabilities in multiple products. The company has since patched this critical flaw, which could have potentially allowed for remote code execution, posing a significant risk to users' security and data integrity. Atlassian revealed the critical Confluence RCE flaw on January 16, 2024, urging users to take immediate action. The company provided a patch for CVE-2023-22527 to mitigate the potential damage from unauthenticated attackers exploiting the flaw. Users of affected versions of Confluence Data Center and Server are strongly recommended to update their software to the latest version to protect against this severe vulnerability.

Description last updated: 2024-05-04T17:03:30.749Z

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Confluence

Vulnerability

Atlassian

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
Xmrig	Unspecified	3	XMRig is a type of malware that infiltrates systems to exploit them for malicious activities, such as cryptocurrency mining, DDOS attacks, spam distribution, and data theft. The dropper, which orchestrates the installation and execution of this malware, uses legitimate applications like the I2P tool
Xmrig Miner	Unspecified	2	The XMRig miner is a type of malware that is used to exploit computer systems for cryptocurrency mining. It is an open-source CPU/GPU miner supporting numerous protocols, and is typically installed through a dropper, which orchestrates the installation and execution of the miner. The dropper also in

Source Document References

Information about the CVE-2023-22527 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	18 days ago	Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	20 days ago	Threat actors exploit Atlassian Confluence bug in cryptomining campaigns
DARKReading	21 days ago	Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Trend Micro	22 days ago	Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
CERT-EU	8 months ago	Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
InfoSecurity-magazine	8 months ago	Hackers Target Atlassian Confluence With RCE Exploits
DARKReading	6 months ago	Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory
Securityaffairs	8 months ago	CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog - Security Affairs
CISA	8 months ago	CISA Adds One Known Exploited Vulnerability to Catalog \| CISA
Checkpoint	8 months ago	22nd January – Threat Intelligence Report - Check Point Research
SANS ISC	8 months ago	Scans/Exploit Attempts for Atlassian Confluence RCE Vulnerability CVE-2023-22527 - SANS Internet Storm Center
CERT-EU	8 months ago	Cyber Security Week in Review: January 19, 2024
CERT-EU	8 months ago	Atlassian Releases Security Updates for Multiple Products \| CISA
CERT-EU	8 months ago	A Vulnerability in Atlassian Confluence Data Center and Server Could Allow for Remote Code Execution
BankInfoSecurity	8 months ago	NetScaler, Atlassian, VMWare Disclose Critical Flaws
CERT-EU	8 months ago	Atlassian Confluence vulnerability enables remote code execution
CERT-EU	8 months ago	Citrix, Google address Netscaler, Chrome zero-days
Securityaffairs	8 months ago	Atlassian fixed critical RCE in older Confluence versions - Security Affairs
CERT-EU	8 months ago	Atlassian issues urgent Confluence patch
CERT-EU	8 months ago	Atlassian fixed critical RCE in older Confluence versions