AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

A critical Atlassian bug has been discovered that requires an immediate update

Atlassian issues an urgent warning to Confluence users

Confluence attack in progress: Exploit code released publicly. All versions of Atlassian Data Center and Server are affected. Over 24,000 systems exhibited, mostly in the United States, China, Germany and Japan. Urgent fix recommended.

This pill is also available in Italian language

There is currently an increase in activity exploiting the security vulnerability in Confluence, identified as CVE-2023-22518, by numerous attacker networks.

Atlassian bug in-the-wild exploit code available

Proof of Concept (PoC) exploit code for a critical vulnerability that Atlassian disclosed in its Confluence Data Center and Server technology is now publicly available, making it urgent for organizations using the collaboration platform to immediately apply the fix provided by the agency.

Vulnerability information made public

The bug, identified as CVE-2023-22518, affects customers of all versions of Atlassian Data Center and Atlassian Server, but not those using the company's cloud versions of these technologies. The description provided by Atlassian identifies the bug as an issue involving low attack complexity, no user interaction, and a vulnerability that an attacker would be able to exploit with little or no special privileges.

A large number of systems exposed

According to a report from ShadowServer, there has been an increase in exploit activity with attempts to upload files and create or restore vulnerable Confluence instances accessible via the Internet. It is estimated that there are over 24,000 exposed instances, although not necessarily vulnerable, of which the largest number is found in the United States, followed by China, Germany and Japan.

Follow us on Facebook for more pills like this

11/03/2023 22:28

Marco Verro

Complementary pills

Security alert for Atlassian: the escalation of a critical riskWarning about the consequences of exploits on Atlassian: an urgent call to strengthen defenses

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon