This advisory is for organizations that use Atlassian’s on-premises Confluence Data Center and Server. If your organization does not use this platform, this notification may be discarded.
Summary
Atlassian has issued patches for a vulnerability affecting Confluence Data Center and Confluence Server. Atlassian has described this as an improper authorization vulnerability accessible from the public internet but has not released additional details. This affects all versions of Confluence Data Center and Server prior to the latest patched versions indicated below. Atlassian Cloud sites are NOT affected by this vulnerability.
Atlassian stresses that they have not seen exploits for this vulnerability in the wild yet but urges clients to prioritize patching their on-premises instances.
CVE-2023-22518 – Improper Authorization Vulnerability In Confluence Data Center and Server
CVSSv3: 9.1
Affected Products/Versions
| Product | Fixed Versions |
| --- | --- |
| Confluence Data Center and Server | 7.19.16 or later |
| | 8.3.4 or later |
| | 8.4.4 or later |
| | 8.5.3 or later |
| | 8.6.1 or later |
Atlassian warns that versions that are past end of life may be susceptible to this vulnerability but has not provided additional details.
Mitigations
- Apply the latest patches
- Remove internet access to your instance until the patch can be applied
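The following is an added example (not Atlassian's tooling) that triages an inventory of Confluence Data Center/Server versions against the fixed releases listed in this advisory. It assumes "8.6.1 or later" also covers any newer branch, treats branches older than 7.19 as end of life per the advisory's warning, and uses constructed hostnames and versions.

```python
# Added example (not Atlassian's tooling): triage a list of Confluence Data
# Center/Server versions against the fixed releases listed in this advisory.
from __future__ import annotations

# Lowest patched release per supported branch, taken from the advisory table.
FIXED_VERSIONS = {
    (7, 19): (7, 19, 16),
    (8, 3): (8, 3, 4),
    (8, 4): (8, 4, 4),
    (8, 5): (8, 5, 3),
    (8, 6): (8, 6, 1),
}
NEWEST_FIXED_BRANCH = max(FIXED_VERSIONS)  # "8.6.1 or later" covers newer branches
OLDEST_FIXED_BRANCH = min(FIXED_VERSIONS)  # anything below 7.19 is past end of life

def parse_version(text: str) -> tuple[int, ...]:
    """Turn '8.5.2' (or '8.5.2-suffix') into a tuple of ints for comparison."""
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Confluence version: {text!r}")
    return tuple(int(p) for p in parts)

def assess(version_text: str) -> str:
    """Classify one version as 'patched', 'vulnerable' or 'eol'.
    'vulnerable' also covers supported-era branches with no fix listed
    (e.g. 8.2.x), since the advisory says every version below the patched
    releases is affected; 'eol' marks branches older than 7.19, which the
    advisory says may also be susceptible, so treat them as needing upgrade."""
    version = parse_version(version_text)
    branch = version[:2]
    if branch < OLDEST_FIXED_BRANCH:
        return "eol"
    if branch > NEWEST_FIXED_BRANCH:
        return "patched"
    fixed = FIXED_VERSIONS.get(branch)
    return "patched" if fixed and version >= fixed else "vulnerable"

def triage(inventory: dict[str, str]) -> dict[str, str]:
    """Map hostname -> status for an inventory of hostname -> version."""
    return {host: assess(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {"wiki-prod.example.internal": "8.5.2",
              "wiki-dr.example.internal": "7.19.16",
              "wiki-legacy.example.internal": "7.13.20"}
    for host, status in triage(sample).items():
        print(f"{host:32} {status}")
```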
Additional Resources
https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html
https://jira.atlassian.com/browse/CONFSERVER-93142
https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html