cvelistv5 - CVE-2023-22518

CVE-2023-22518 (GCVE-0-2023-22518)

Vulnerability from cvelistv5 – Published: 2023-10-31 14:30 – Updated: 2025-10-21 23:05

CISA

Summary

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Severity ?

10 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

Improper Authorization

Assigner

atlassian

References

URL

Tags

	https://confluence.atlassian.com/pages/viewpage.a…
	https://jira.atlassian.com/browse/CONFSERVER-93142
	http://packetstormsecurity.com/files/176264/Atlas…

Impacted products

Vendor

Product

Version

Atlassian

Confluence Data Center

Unaffected: < 1.0.0
Affected: >= 1.0.0
Unaffected: >= 7.19.16
Unaffected: >= 8.3.4
Unaffected: >= 8.4.4
Unaffected: >= 8.5.3
Unaffected: >= 8.6.1

Atlassian

Confluence Server

Unaffected: < 1.0.0
Affected: >= 1.0.0
Unaffected: >= 7.19.16
Unaffected: >= 8.3.4
Unaffected: >= 8.4.4
Unaffected: >= 8.5.3
Unaffected: >= 8.6.1

Credits

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2023-11-07

Due date: 2023-11-28

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Known

Notes: https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22518

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:13:48.670Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22518",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-03T16:33:26.216427Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-11-07",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-863",
                "description": "CWE-863 Incorrect Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:05:32.975Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2023-11-07T00:00:00+00:00",
            "value": "CVE-2023-22518 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Confluence Data Center",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "\u003c 1.0.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.0.0"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 7.19.16"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.3.4"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.4.4"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.5.3"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.6.1"
            }
          ]
        },
        {
          "product": "Confluence Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "\u003c 1.0.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.0.0"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 7.19.16"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.3.4"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.4.4"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.5.3"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.6.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "-"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Authorization",
              "lang": "en",
              "type": "Improper Authorization"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-19T16:06:15.741Z",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
        },
        {
          "url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
        },
        {
          "url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2023-22518",
    "datePublished": "2023-10-31T14:30:00.418Z",
    "dateReserved": "2023-01-01T00:01:22.332Z",
    "dateUpdated": "2025-10-21T23:05:32.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2023-22518",
      "cwes": "[\"CWE-863\"]",
      "dateAdded": "2023-11-07",
      "dueDate": "2023-11-28",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html;  https://nvd.nist.gov/vuln/detail/CVE-2023-22518",
      "product": "Confluence Data Center and Server",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.",
      "vendorProject": "Atlassian",
      "vulnerabilityName": "Atlassian Confluence Data Center and Server Improper Authorization Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2023-11-28",
      "cisaExploitAdd": "2023-11-07",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "Atlassian Confluence Data Center and Server Improper Authorization Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"7.19.16\", \"matchCriteriaId\": \"3B807590-F41A-4F12-87DF-698D83853191\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.20.0\", \"versionEndExcluding\": \"8.3.4\", \"matchCriteriaId\": \"65733215-581D-4F2A-B023-899386A4A59C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.4.0\", \"versionEndExcluding\": \"8.4.4\", \"matchCriteriaId\": \"56B04148-6AE0-4FD2-BD3D-B07A9E62F229\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.5.0\", \"versionEndExcluding\": \"8.5.3\", \"matchCriteriaId\": \"3660C634-0DB0-40B2-A905-1E00360A53FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:8.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05E3896A-C145-44DB-8370-9263A139765D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndExcluding\": \"7.19.16\", \"matchCriteriaId\": \"3E147060-0403-4D4C-8E87-453077B4C4CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.20.0\", \"versionEndExcluding\": \"8.3.4\", \"matchCriteriaId\": \"06FD0F88-133B-4421-8644-1948FDA2AA65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.4.0\", \"versionEndExcluding\": \"8.4.4\", \"matchCriteriaId\": \"F459BB01-A089-4128-93AD-A71FE3B49E22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.5.0\", \"versionEndExcluding\": \"8.5.3\", \"matchCriteriaId\": \"5DA741B1-9AA7-42F6-8F50-32FE732D25D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:8.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E995F8F6-E9A6-4076-8AE8-38A28A5F58D3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\\u00a0\\n\\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.\"}, {\"lang\": \"es\", \"value\": \"Todas las versiones de Confluence Data Center y Server se ven afectadas por esta vulnerabilidad no explotada. No hay ning\\u00fan impacto en la confidencialidad ya que un atacante no puede filtrar ning\\u00fan dato de la instancia. Los sitios de Atlassian Cloud no se ven afectados por esta vulnerabilidad. Si se accede a su sitio de Confluence a trav\\u00e9s de un dominio atlassian.net, est\\u00e1 alojado en Atlassian y no es vulnerable a este problema.\"}]",
      "id": "CVE-2023-22518",
      "lastModified": "2024-11-21T07:44:58.213",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"security@atlassian.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 10.0, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 6.0}]}",
      "published": "2023-10-31T15:15:08.573",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html\", \"source\": \"security@atlassian.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907\", \"source\": \"security@atlassian.com\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-93142\", \"source\": \"security@atlassian.com\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-93142\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@atlassian.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-22518\",\"sourceIdentifier\":\"security@atlassian.com\",\"published\":\"2023-10-31T15:15:08.573\",\"lastModified\":\"2025-10-24T13:38:59.063\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\\n\\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.\"},{\"lang\":\"es\",\"value\":\"Todas las versiones de Confluence Data Center y Server se ven afectadas por esta vulnerabilidad no explotada. No hay ning\u00fan impacto en la confidencialidad ya que un atacante no puede filtrar ning\u00fan dato de la instancia. Los sitios de Atlassian Cloud no se ven afectados por esta vulnerabilidad. Si se accede a su sitio de Confluence a trav\u00e9s de un dominio atlassian.net, est\u00e1 alojado en Atlassian y no es vulnerable a este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"security@atlassian.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}]},\"cisaExploitAdd\":\"2023-11-07\",\"cisaActionDue\":\"2023-11-28\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Atlassian Confluence Data Center and Server Improper Authorization Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0\",\"versionEndExcluding\":\"7.19.16\",\"matchCriteriaId\":\"6EFE3358-3C6B-4C54-98B4-E573AC0C6A43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.20.0\",\"versionEndExcluding\":\"8.3.4\",\"matchCriteriaId\":\"65733215-581D-4F2A-B023-899386A4A59C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.4.0\",\"versionEndExcluding\":\"8.4.4\",\"matchCriteriaId\":\"56B04148-6AE0-4FD2-BD3D-B07A9E62F229\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndExcluding\":\"8.5.3\",\"matchCriteriaId\":\"3660C634-0DB0-40B2-A905-1E00360A53FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:8.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05E3896A-C145-44DB-8370-9263A139765D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0\",\"versionEndExcluding\":\"7.19.16\",\"matchCriteriaId\":\"949F14BD-CBDD-4633-8A72-3CA2B6310CBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.20.0\",\"versionEndExcluding\":\"8.3.4\",\"matchCriteriaId\":\"06FD0F88-133B-4421-8644-1948FDA2AA65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.4.0\",\"versionEndExcluding\":\"8.4.4\",\"matchCriteriaId\":\"F459BB01-A089-4128-93AD-A71FE3B49E22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndExcluding\":\"8.5.3\",\"matchCriteriaId\":\"5DA741B1-9AA7-42F6-8F50-32FE732D25D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:8.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E995F8F6-E9A6-4076-8AE8-38A28A5F58D3\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907\",\"source\":\"security@atlassian.com\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://jira.atlassian.com/browse/CONFSERVER-93142\",\"source\":\"security@atlassian.com\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://jira.atlassian.com/browse/CONFSERVER-93142\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-93142\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T10:13:48.670Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-22518\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-03T16:33:26.216427Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-11-07\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-11-07T00:00:00+00:00\", \"value\": \"CVE-2023-22518 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863 Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-03T16:33:49.798Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"-\"}], \"metrics\": [{\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 10, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\"}}], \"affected\": [{\"vendor\": \"Atlassian\", \"product\": \"Confluence Data Center\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"\u003c 1.0.0\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.0.0\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 7.19.16\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.3.4\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.4.4\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.5.3\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.6.1\"}]}, {\"vendor\": \"Atlassian\", \"product\": \"Confluence Server\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"\u003c 1.0.0\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.0.0\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 7.19.16\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.3.4\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.4.4\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.5.3\"}, {\"status\": \"unaffected\", \"version\": \"\u003e= 8.6.1\"}]}], \"references\": [{\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907\"}, {\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-93142\"}, {\"url\": \"http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\\u00a0\\n\\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"Improper Authorization\", \"description\": \"Improper Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"shortName\": \"atlassian\", \"dateUpdated\": \"2023-12-19T16:06:15.741Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-22518\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:05:32.975Z\", \"dateReserved\": \"2023-01-01T00:01:22.332Z\", \"assignerOrgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"datePublished\": \"2023-10-31T14:30:00.418Z\", \"assignerShortName\": \"atlassian\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2023-AVI-0899

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Atlassian Confluence Data Center et Server. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Atlassian	Confluence	Confluence Data Center et Server versions antérieures à 7.19.16
Atlassian	Confluence	Confluence Data Center et Server versions 8.6.x antérieures à 8.6.1
Atlassian	Confluence	Confluence Data Center et Server versions 8.4.x antérieures à 8.4.4
Atlassian	Confluence	Confluence Data Center et Server versions 8.5.x antérieures à 8.5.3
Atlassian	Confluence	Confluence Data Center et Server versions 8.3.x antérieures à 8.3.4

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian CVE-2023-22518 du 30 octobre 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Confluence Data Center et Server versions ant\u00e9rieures \u00e0 7.19.16",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.6.x ant\u00e9rieures \u00e0 8.6.1",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.4.x ant\u00e9rieures \u00e0 8.4.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.3",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.3.x ant\u00e9rieures \u00e0 8.3.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-22518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22518"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0899",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-10-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Atlassian Confluence Data Center\net Server. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Atlassian Confluence Data Center et Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CVE-2023-22518 du 30 octobre 2023",
      "url": "https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html"
    }
  ]
}

CERTFR-2023-AVI-0899

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Atlassian Confluence Data Center et Server. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Atlassian	Confluence	Confluence Data Center et Server versions antérieures à 7.19.16
Atlassian	Confluence	Confluence Data Center et Server versions 8.6.x antérieures à 8.6.1
Atlassian	Confluence	Confluence Data Center et Server versions 8.4.x antérieures à 8.4.4
Atlassian	Confluence	Confluence Data Center et Server versions 8.5.x antérieures à 8.5.3
Atlassian	Confluence	Confluence Data Center et Server versions 8.3.x antérieures à 8.3.4

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian CVE-2023-22518 du 30 octobre 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Confluence Data Center et Server versions ant\u00e9rieures \u00e0 7.19.16",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.6.x ant\u00e9rieures \u00e0 8.6.1",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.4.x ant\u00e9rieures \u00e0 8.4.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.3",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.3.x ant\u00e9rieures \u00e0 8.3.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-22518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22518"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0899",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-10-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Atlassian Confluence Data Center\net Server. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Atlassian Confluence Data Center et Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CVE-2023-22518 du 30 octobre 2023",
      "url": "https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html"
    }
  ]
}

GSD-2023-22518

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-22518

Aliases

CVE-2023-22518

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-22518",
    "id": "GSD-2023-22518"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-22518"
      ],
      "details": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.",
      "id": "GSD-2023-22518",
      "modified": "2023-12-13T01:20:42.955757Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@atlassian.com",
        "ID": "CVE-2023-22518",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Confluence Data Center",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "versions": [
                              {
                                "status": "unaffected",
                                "version": "\u003c 1.0.0"
                              },
                              {
                                "status": "affected",
                                "version": "\u003e= 1.0.0"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 7.19.16"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.3.4"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.4.4"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.5.3"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Confluence Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "versions": [
                              {
                                "status": "unaffected",
                                "version": "\u003c 1.0.0"
                              },
                              {
                                "status": "affected",
                                "version": "\u003e= 1.0.0"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 7.19.16"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.3.4"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.4.4"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.5.3"
                              },
                              {
                                "status": "unaffected",
                                "version": "\u003e= 8.6.1"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Atlassian"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "-"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Improper Authorization"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907",
            "refsource": "MISC",
            "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
          },
          {
            "name": "https://jira.atlassian.com/browse/CONFSERVER-93142",
            "refsource": "MISC",
            "url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
          },
          {
            "name": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "cisaActionDue": "2023-11-28",
        "cisaExploitAdd": "2023-11-07",
        "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
        "cisaVulnerabilityName": "Atlassian Confluence Data Center and Server Improper Authorization Vulnerability",
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3B807590-F41A-4F12-87DF-698D83853191",
                    "versionEndExcluding": "7.19.16",
                    "versionStartIncluding": "1.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "65733215-581D-4F2A-B023-899386A4A59C",
                    "versionEndExcluding": "8.3.4",
                    "versionStartIncluding": "7.20.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "56B04148-6AE0-4FD2-BD3D-B07A9E62F229",
                    "versionEndExcluding": "8.4.4",
                    "versionStartIncluding": "8.4.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3660C634-0DB0-40B2-A905-1E00360A53FB",
                    "versionEndExcluding": "8.5.3",
                    "versionStartIncluding": "8.5.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_data_center:8.6.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "05E3896A-C145-44DB-8370-9263A139765D",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3E147060-0403-4D4C-8E87-453077B4C4CE",
                    "versionEndExcluding": "7.19.16",
                    "versionStartIncluding": "1.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "06FD0F88-133B-4421-8644-1948FDA2AA65",
                    "versionEndExcluding": "8.3.4",
                    "versionStartIncluding": "7.20.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F459BB01-A089-4128-93AD-A71FE3B49E22",
                    "versionEndExcluding": "8.4.4",
                    "versionStartIncluding": "8.4.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5DA741B1-9AA7-42F6-8F50-32FE732D25D5",
                    "versionEndExcluding": "8.5.3",
                    "versionStartIncluding": "8.5.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:atlassian:confluence_server:8.6.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E995F8F6-E9A6-4076-8AE8-38A28A5F58D3",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."
          },
          {
            "lang": "es",
            "value": "Todas las versiones de Confluence Data Center y Server se ven afectadas por esta vulnerabilidad no explotada. No hay ning\u00fan impacto en la confidencialidad ya que un atacante no puede filtrar ning\u00fan dato de la instancia. Los sitios de Atlassian Cloud no se ven afectados por esta vulnerabilidad. Si se accede a su sitio de Confluence a trav\u00e9s de un dominio atlassian.net, est\u00e1 alojado en Atlassian y no es vulnerable a este problema."
          }
        ],
        "id": "CVE-2023-22518",
        "lastModified": "2023-12-19T16:15:07.883",
        "metrics": {
          "cvssMetricV30": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 6.0,
              "source": "security@atlassian.com",
              "type": "Secondary"
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2023-10-31T15:15:08.573",
        "references": [
          {
            "source": "security@atlassian.com",
            "url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
          },
          {
            "source": "security@atlassian.com",
            "tags": [
              "Issue Tracking",
              "Mitigation",
              "Vendor Advisory"
            ],
            "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
          },
          {
            "source": "security@atlassian.com",
            "tags": [
              "Issue Tracking",
              "Mitigation",
              "Vendor Advisory"
            ],
            "url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
          }
        ],
        "sourceIdentifier": "security@atlassian.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-863"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

FKIE_CVE-2023-22518

Vulnerability from fkie_nvd - Published: 2023-10-31 15:15 - Updated: 2025-10-24 13:38

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@atlassian.com	http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@atlassian.com	https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907	Issue Tracking, Mitigation, Vendor Advisory
security@atlassian.com	https://jira.atlassian.com/browse/CONFSERVER-93142	Issue Tracking, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907	Issue Tracking, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://jira.atlassian.com/browse/CONFSERVER-93142	Issue Tracking, Mitigation, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518	US Government Resource

Impacted products

Vendor	Product	Version
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	8.6.0
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	8.6.0

JSON

To clipboard

{
  "cisaActionDue": "2023-11-28",
  "cisaExploitAdd": "2023-11-07",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Atlassian Confluence Data Center and Server Improper Authorization Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EFE3358-3C6B-4C54-98B4-E573AC0C6A43",
              "versionEndExcluding": "7.19.16",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65733215-581D-4F2A-B023-899386A4A59C",
              "versionEndExcluding": "8.3.4",
              "versionStartIncluding": "7.20.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56B04148-6AE0-4FD2-BD3D-B07A9E62F229",
              "versionEndExcluding": "8.4.4",
              "versionStartIncluding": "8.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3660C634-0DB0-40B2-A905-1E00360A53FB",
              "versionEndExcluding": "8.5.3",
              "versionStartIncluding": "8.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:8.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "05E3896A-C145-44DB-8370-9263A139765D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "949F14BD-CBDD-4633-8A72-3CA2B6310CBB",
              "versionEndExcluding": "7.19.16",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FD0F88-133B-4421-8644-1948FDA2AA65",
              "versionEndExcluding": "8.3.4",
              "versionStartIncluding": "7.20.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F459BB01-A089-4128-93AD-A71FE3B49E22",
              "versionEndExcluding": "8.4.4",
              "versionStartIncluding": "8.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA741B1-9AA7-42F6-8F50-32FE732D25D5",
              "versionEndExcluding": "8.5.3",
              "versionStartIncluding": "8.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:8.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E995F8F6-E9A6-4076-8AE8-38A28A5F58D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."
    },
    {
      "lang": "es",
      "value": "Todas las versiones de Confluence Data Center y Server se ven afectadas por esta vulnerabilidad no explotada. No hay ning\u00fan impacto en la confidencialidad ya que un atacante no puede filtrar ning\u00fan dato de la instancia. Los sitios de Atlassian Cloud no se ven afectados por esta vulnerabilidad. Si se accede a su sitio de Confluence a trav\u00e9s de un dominio atlassian.net, est\u00e1 alojado en Atlassian y no es vulnerable a este problema."
    }
  ],
  "id": "CVE-2023-22518",
  "lastModified": "2025-10-24T13:38:59.063",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "security@atlassian.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-10-31T15:15:08.573",
  "references": [
    {
      "source": "security@atlassian.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
    }
  ],
  "sourceIdentifier": "security@atlassian.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

WID-SEC-W-2023-2775

Vulnerability from csaf_certbund - Published: 2023-10-30 23:00 - Updated: 2023-11-08 23:00

Summary

Atlassian Confluence: Schwachstelle ermöglicht Erlangen von Administratorrechten

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Confluence ist eine kommerzielle Wiki-Software.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Atlassian Confluence ausnutzen, um Administratorrechte zu erlangen.

Betroffene Betriebssysteme

- UNIX - Linux - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "kritisch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Confluence ist eine kommerzielle Wiki-Software.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Atlassian Confluence ausnutzen, um Administratorrechte zu erlangen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2775 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2775.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2775 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2775"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Advisory Update vom 2023-06-11",
        "url": "https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Advisory vom 2023-10-30",
        "url": "https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Atlassian Confluence: Schwachstelle erm\u00f6glicht Erlangen von Administratorrechten",
    "tracking": {
      "current_release_date": "2023-11-08T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:00:46.629+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2775",
      "initial_release_date": "2023-10-30T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-10-30T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-11-06T23:00:00.000+00:00",
          "number": "2",
          "summary": "Aktive Ausnutzung gemeldet"
        },
        {
          "date": "2023-11-08T23:00:00.000+00:00",
          "number": "3",
          "summary": "Text Und Bewertung angepasst"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Atlassian Confluence \u003c 7.19.16",
                "product": {
                  "name": "Atlassian Confluence \u003c 7.19.16",
                  "product_id": "T030845",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:7.19.16"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Atlassian Confluence \u003c 8.3.4",
                "product": {
                  "name": "Atlassian Confluence \u003c 8.3.4",
                  "product_id": "T030846",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:8.3.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Atlassian Confluence \u003c 8.4.4",
                "product": {
                  "name": "Atlassian Confluence \u003c 8.4.4",
                  "product_id": "T030847",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:8.4.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Atlassian Confluence \u003c 8.5.3",
                "product": {
                  "name": "Atlassian Confluence \u003c 8.5.3",
                  "product_id": "T030848",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:8.5.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Atlassian Confluence \u003c 8.6.1",
                "product": {
                  "name": "Atlassian Confluence \u003c 8.6.1",
                  "product_id": "T030849",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:8.6.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Confluence"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-22518",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Atlassian Confluence. Diese h\u00e4ngt mit einer fehlerhaften Authentisierung zusammen. Es ist m\u00f6glich Confluence zur\u00fcckzusetzen und ein Confluence-Instanzadministratorkonto zu erstellen. Ein entfernter, anonymer Angreifer kann dann alle administrativen Aktionen durchf\u00fchren, die dem Confluence-Instanzadministrator zur Verf\u00fcgung stehen, was zu einem vollst\u00e4ndigen Verlust der Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit f\u00fchrt."
        }
      ],
      "release_date": "2023-10-30T23:00:00.000+00:00",
      "title": "CVE-2023-22518"
    }
  ]
}

GHSA-8PRX-84H6-4FR5

Vulnerability from github – Published: 2023-10-31 15:30 – Updated: 2025-10-22 00:32

Details

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.

Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Severity ?

9.1 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-22518"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-31T15:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data.\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.",
  "id": "GHSA-8prx-84h6-4fr5",
  "modified": "2025-10-22T00:32:53Z",
  "published": "2023-10-31T15:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22518"
    },
    {
      "type": "WEB",
      "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
    },
    {
      "type": "WEB",
      "url": "https://github.com/RootUp/PersonalStuff/blob/master/check_cve_2023_22518.py"
    },
    {
      "type": "WEB",
      "url": "https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-22518.yaml"
    },
    {
      "type": "WEB",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
    },
    {
      "type": "WEB",
      "url": "https://www.bleepingcomputer.com/news/security/atlassian-warns-of-exploit-for-confluence-data-wiping-bug-get-patching"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
    },
    {
      "type": "WEB",
      "url": "https://www.rapid7.com/blog/post/2023/11/06/etr-rapid7-observed-exploitation-of-atlassian-confluence-cve-2023-22518"
    },
    {
      "type": "WEB",
      "url": "https://www.securityweek.com/exploitation-of-critical-confluence-vulnerability-begins"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-22518 (GCVE-0-2023-22518)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTFR-2023-AVI-0899

Solution

CERTFR-2023-AVI-0899

Solution

GSD-2023-22518

FKIE_CVE-2023-22518

WID-SEC-W-2023-2775

GHSA-8PRX-84H6-4FR5

Tags

Sightings

Nomenclature