Improper Authorization Vulnerability In Confluence Data Center and Server - 20231101002
Overview
Atlassian has announced a vulnerability in Confluence Data Center and Server solutions.
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
What is the vulnerability?
CVE-2023-22518 - CVSS v3 Base Score: 9.1 - Improper Authorization
What is vulnerable?
The vulnerability affects the following products:
- All versions of Confluence Data Center and Confluence Server
What has been observed?
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendation
The WA SOC recommends that administrators apply the solutions as per vendor instructions to all affected devices within the expected timeframe of one month... (refer to Patch Management):
- Atlassian recommends that you upgrade your instance to one of the versions listed in the "Fixed Versions" table section. For full descriptions of the above versions of Confluence Data Center and Server, see the release notes. You can download the latest version of Confluence Data Center and Server from the download center.
Product | Fixed Versions |
---|---|
Confluence Data Center, Confluence Server | 7.19.16 or later; 8.3.4 or later; 8.4.4 or later; 8.5.3 or later; 8.6.1 or later |
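Because the table lists the first fixed build per release line ("x or later"), an installed version must be compared against the fix for its own line, and older lines with no listed fix (for example 8.0.x to 8.2.x) have no patched build at all. The following helper is an added example for that check, written here and not Atlassian's or the WA SOC's code; the version strings are those from the table above.

```python
"""Check an installed Confluence Data Center/Server version against the
CVE-2023-22518 fixed-version table (added example, not vendor code)."""

from typing import Tuple

Version = Tuple[int, ...]

# Minimum fixed release in each release line, as listed in the advisory table.
FIXED_VERSIONS = ["7.19.16", "8.3.4", "8.4.4", "8.5.3", "8.6.1"]


def parse_version(text: str) -> Version:
    """'8.5.3' -> (8, 5, 3); missing trailing components are treated as 0.
    Assumes plain dotted numeric versions (no '-rc' style suffixes)."""
    parts = tuple(int(p) for p in text.strip().split("."))
    return parts + (0,) * (3 - len(parts))


def is_fixed(installed: str) -> bool:
    """True if the installed version contains the fix for CVE-2023-22518.

    Interpretation of the "or later" table:
      - at or above the newest listed fix (8.6.1): fixed, because newer
        release lines ship with the fix;
      - within a listed line (7.19, 8.3, 8.4, 8.5): fixed only if at or
        above that line's first fixed build;
      - within an unlisted older line (e.g. 7.18.x, 7.20.x, 8.0.x-8.2.x):
        no fixed build exists, so the instance must be upgraded.
    """
    v = parse_version(installed)
    fixes = sorted(parse_version(f) for f in FIXED_VERSIONS)
    if v >= fixes[-1]:
        return True
    for fix in fixes:
        if v[:2] == fix[:2]:  # same major.minor release line
            return v >= fix
    return False


if __name__ == "__main__":
    for ver in ["7.19.15", "7.19.16", "8.2.0", "8.4.10", "8.5.2", "8.7.0"]:
        print(ver, "fixed" if is_fixed(ver) else "NOT fixed - upgrade")
```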
Additional mitigations are listed in Atlassian's Jira ticket for the vulnerability, found here.