CVE-2023-22515
In short
A critical flaw in Confluence Data Center and Server allows attackers to create unauthorized administrator accounts on publicly exposed instances, gaining full control of the system.
Technical detail
An improper input validation vulnerability (CWE-20) in Confluence Data Center and Server allows unauthenticated attackers to create malicious administrator accounts via a publicly accessible instance, bypassing authentication controls and resulting in complete system compromise. Confluence Cloud instances are not affected.
Summary generated and translated by AI from the official description.
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Public PoCs found: 30
github: github.com/Chocapikk/CVE-2023-22515 (★ 153)
github: github.com/ad-calcium/CVE-2023-22515 (★ 110)
github: github.com/ErikWynter/CVE-2023-22515-Scan (★ 79)
github: github.com/AIex-3/confluence-hack (★ 52)
github: github.com/K4ptor/CVE-2023-22515 (★ 25)
github: github.com/aaaademo/Confluence-EvilJar (★ 23)
github: github.com/youcannotseemeagain/CVE-2023-22515_RCE (★ 20)
github: github.com/j3seer/CVE-2023-22515-POC (★ 8)
github: github.com/Le1a/CVE-2023-22515 (★ 6)
github: github.com/kh4sh3i/CVE-2023-22515 (★ 5)
github: github.com/spareack/CVE-2023-22515-NSE (★ 4)
github: github.com/Vulnmachines/confluence-cve-2023-22515 (★ 3)
github: github.com/LucasPDiniz/CVE-2023-22515 (★ 2)
github: github.com/fyx1t/NSE--CVE-2023-22515 (★ 2)
github: github.com/rxerium/CVE-2023-22515 (★ 1)
github: github.com/iveresk/CVE-2023-22515 (★ 1)
github: github.com/Arkha-Corvus/LetsDefend-SOC235-Atlassian-Confluence-Broken-Access-Control-0-Day-CVE-2023-22515-EventID-197 (★ 1)
github: github.com/C1ph3rX13/CVE-2023-22515 (★ 1)
github: github.com/dkq-k/cve-2023-22515-1 (★ 0)
github: github.com/DsaHen/cve-2023-22515-exp (★ 0)
github: github.com/edsonjt81/CVE-2023-22515-Scan. (★ 0)
github: github.com/INTfinityConsulting/cve-2023-22515 (★ 0)
github: github.com/s1d6point7bugcrowd/CVE-2023-22515-check (★ 0)
github: github.com/xorbbo/cve-2023-22515 (★ 0)
github: github.com/Onedy1703/CVE-2023-22515-Confluence (★ 0)
github: github.com/tranphuc2005/CVE-2023-22515 (★ 0)
github: github.com/vivigotnotime/CVE-2023-22515-Exploit-Script (★ 0)
github: github.com/CyberSentinel321/cve-2023-22515-lab (★ 0)
github: github.com/dkq-k/CVE-2023-22515 (★ 0)
cve_reference: packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html (unverified)
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html
https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515
https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276
https://jira.atlassian.com/browse/CONFSERVER-92475
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22515