Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Nov 28, 2023

High
CISA KEVRansomware

CVE-2023-22518

AtlassianConfluence Data Center and Server

Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.

Required Action

https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html; https://nvd.nist.gov/vuln/detail/CVE-2023-22518

Vulnerability Overview

Severity
High
CISA KEV
Yes
Ransomware
Known
Published
Nov 7, 2023
KEV Added
Nov 7, 2023
Due Date
Nov 28, 2023
Related Articles
0

Vendor

Atlassian

Confluence Data Center and Server