CISA KEV 정보
| 취약점명 | Atlassian Confluence Data Center and Server Broken Access Control Vulnerability |
|---|---|
| 설명 | Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence. |
| 조치사항 | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA. |
| 랜섬웨어 캠페인 악용 | Known |
| 등록일 (KEV) | 2023-10-05 |
| 조치 기한 | 2023-10-13 |
| 추가 참고 | https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22515 |
NVD 상세 정보
CVSS v3.1: 9.8 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCVSS v3.0: 10.0 CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H설명: Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
CWE: CWE-20
참조
- http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html [Exploit, Third Party Advisory, VDB Entry]
- https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515 [Vendor Advisory]
- https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276 [Vendor Advisory]
- https://jira.atlassian.com/browse/CONFSERVER-92475 [Issue Tracking, Vendor Advisory]
- http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html [Exploit, Third Party Advisory, VDB Entry]
- https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515 [Vendor Advisory]
- https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276 [Vendor Advisory]
- https://jira.atlassian.com/browse/CONFSERVER-92475 [Issue Tracking, Vendor Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22515 [US Government Resource]
This product uses the NVD API but is not endorsed or certified by the NVD.