CVE-2023-22512

CWE-400 — Uncontrolled Resource Consumption2 documents2 sources

Severity

7.5HIGH

EPSS

7.8%

top 8.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Atlassian Confluence Data Center Atlassian Confluence Server

Timeline

PublishedJan 16

Latest updateMar 17

Description

This High severity DoS (Denial of Service) vulnerability was introduced in version 5.6.0 of Confluence Data Center and Server. With a CVSS Score of 7.5, this vulnerability allows an unauthenticated attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disrupting services of a vulnerable host (Confluence instance) connected to a network, which has no impact to confidentiality, no impact to integrity, high impact to availability, and requires no user …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶NVDatlassian/confluence_data_center5.6 — 7.19.14+1

▶CVEListV5atlassian/confluence_data_center>= 5.6.0

▶NVDatlassian/confluence_server5.6 — 7.19.14+1

▶CVEListV5atlassian/confluence_server>= 5.6.0

🔴Vulnerability Details

CVEList

CVE-2023-22512: This High severity DoS (Denial of Service) vulnerability was introduced in version 5↗2025-03-17

▶