CVE-2023-22518
Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
CVSS
—
Sin CVSS
EPSS
100.0%
p100
KEV
SÍ
7 nov 2023
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Atlassian / Confluence Data Center and Server
Vulnerabilidad
Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
Añadido a KEV
7 nov 2023
Remediar antes de
28 nov 2023
Uso conocido en ransomware
Sí
Descripción resumida
Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22518