AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

A critical Atlassian bug has been discovered that requires an immediate update

Atlassian issues an urgent warning to Confluence users

Confluence attack in progress: Exploit code released publicly. All versions of Atlassian Data Center and Server are affected. Over 24,000 systems exhibited, mostly in the United States, China, Germany and Japan. Urgent fix recommended.

This pill is also available in Italian language

There is currently an increase in activity exploiting the security vulnerability in Confluence, identified as CVE-2023-22518, by numerous attacker networks.

Atlassian bug in-the-wild exploit code available

Proof of Concept (PoC) exploit code for a critical vulnerability that Atlassian disclosed in its Confluence Data Center and Server technology is now publicly available, making it urgent for organizations using the collaboration platform to immediately apply the fix provided by the agency.

Vulnerability information made public

The bug, identified as CVE-2023-22518, affects customers of all versions of Atlassian Data Center and Atlassian Server, but not those using the company's cloud versions of these technologies. The description provided by Atlassian identifies the bug as an issue involving low attack complexity, no user interaction, and a vulnerability that an attacker would be able to exploit with little or no special privileges.

A large number of systems exposed

According to a report from ShadowServer, there has been an increase in exploit activity with attempts to upload files and create or restore vulnerable Confluence instances accessible via the Internet. It is estimated that there are over 24,000 exposed instances, although not necessarily vulnerable, of which the largest number is found in the United States, followed by China, Germany and Japan.

Follow us on WhatsApp for more pills like this

11/03/2023 22:28

Editorial AI

Complementary pills

Security alert for Atlassian: the escalation of a critical riskWarning about the consequences of exploits on Atlassian: an urgent call to strengthen defenses

Last pills

Global threat: serious security flaw discovered in the IEEE 802.11 Wi-Fi standardNew flaw in the IEEE 802.11 Wi-Fi standard exposes the security of global networks to serious risks

The fundamental aspects of computer security in everyday lifeProtection and prevention: how to safeguard personal data in the digital world

Black Basta hits Synlab: analysis of the attack and cybersecurity lessons for the healthcare sectorCyber defense strategies: how to protect healthcare infrastructures from ransomware

Google releases an emergency update for ChromeUrgent update to fix critical vulnerability in Chrome, users advised to install it immediately