A critical Atlassian bug has been discovered that requires an immediate update

There is currently an increase in activity exploiting the security vulnerability in Confluence, identified as CVE-2023-22518, by numerous attacker networks.

Atlassian bug in-the-wild exploit code available

Proof of Concept (PoC) exploit code for a critical vulnerability that Atlassian disclosed in its Confluence Data Center and Server technology is now publicly available, making it urgent for organizations using the collaboration platform to immediately apply the fix provided by the agency.

Vulnerability information made public

The bug, identified as CVE-2023-22518, affects customers of all versions of Atlassian Data Center and Atlassian Server, but not those using the company's cloud versions of these technologies. The description provided by Atlassian identifies the bug as an issue involving low attack complexity, no user interaction, and a vulnerability that an attacker would be able to exploit with little or no special privileges.

A large number of systems exposed

According to a report from ShadowServer, there has been an increase in exploit activity with attempts to upload files and create or restore vulnerable Confluence instances accessible via the Internet. It is estimated that there are over 24,000 exposed instances, although not necessarily vulnerable, of which the largest number is found in the United States, followed by China, Germany and Japan.