⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Due date: 2024-02-14.
CVE-2023-22527
Severity: 9.8 CRITICAL
EPSS: 94.4% (top 0.04%)
CISA KEV: listed (ransomware); added 2024-01-24; due 2024-02-14
Exploit: exploited in the wild; active exploitation observed
Timeline
Published: Jan 16
KEV added: Jan 24
KEV due: Feb 14
Latest update: Oct 30
Description
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.
Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect thei…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9
Affected packages: 4 packages
Vulnerability details
CVE List (3 entries): CVE-2023-22527: A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affe… (2024-01-16)
GHSA: GHSA-w64x-j9r3-q79q: Summary of Vulnerability. A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker… (2024-01-16)
Exploits & PoCs
Nuclei (1 template): Atlassian Confluence - Remote Code Execution