Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CONFLUENCE_CVE-2023-22518.NBIN
HistoryNov 08, 2023 - 12:00 a.m.

Atlassian Confluence Authentication Bypass (CONFSERVER-93142) (Direct Check)

2023-11-0800:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
atlassian
confluence
authentication bypass
confserver-93142
direct check
binary data
cve-2023-22518
scanner

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Binary data confluence_cve-2023-22518.nbin
VendorProductVersionCPE
atlassianconfluencecpe:/a:atlassian:confluence

Related

nuclei 1
talosblog 1
nvd 1
githubexploit 8
prion 1
cisa_kev 1
trendmicroblog 1
metasploit 1
attackerkb 1
cve 1
cvelist 1
thn 5
packetstorm 1
hivepro 1
nessus 1
zdt 1
malwarebytes 1
wallarmlab 2
impervablog 1
rapid7blog 3
qualysblog 1
nuclei
nuclei
Atlassian Confluence Server - Improper Authorization
2023-11-02 18:36:47
talosblog
talosblog
A new video series, Google Forms spam and the various gray areas of cyber attacks
2023-11-09 19:00:43
nvd
nvd
CVE-2023-22518
2023-10-31 15:15:08
githubexploit
githubexploit
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2023-11-28 03:33:16
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2024-03-21 07:55:00
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
2023-11-02 22:52:15
prion
prion
Authorization
2023-10-31 15:15:00
cisa_kev
cisa_kev
Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
2023-11-07 00:00:00
trendmicroblog
trendmicroblog
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
2023-11-10 00:00:00
metasploit
metasploit
Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE (CVE-2023-22518)
2023-11-22 03:14:27
attackerkb
attackerkb
CVE-2023-22518
2023-10-31 00:00:00
cve
cve
CVE-2023-22518
2023-10-31 15:15:08
cvelist
cvelist
CVE-2023-22518
2023-10-31 14:30:00
thn
thn
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
2024-04-17 10:57:00
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
2023-11-10 08:58:00
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
2023-10-31 11:16:00
packetstorm
packetstorm
Atlassian Confluence Improper Authorization / Code Execution
2023-12-19 00:00:00
hivepro
hivepro
Atlassian’s Latest Critical Confluence Flaw Poses Risk of Data Loss
2023-11-01 12:39:26
nessus
nessus
Atlassian Confluence < 7.19.16 / 8.x < 8.3.4 / 8.4.x < 8.4.4 / 8.5.x < 8.5.3 / 8.6.x < 8.6.1 (CONFSERVER-93142)
2023-10-31 00:00:00
zdt
zdt
Atlassian Confluence Improper Authorization / Code Execution Exploit
2023-12-19 00:00:00
malwarebytes
malwarebytes
[updated] Atlassian: &#8220;Take immediate action&#8221; to patch your Confluence Data Center and Server instances
2023-11-02 12:54:23
wallarmlab
wallarmlab
Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)
2023-11-10 22:27:33
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
2024-01-30 18:40:35
impervablog
impervablog
Imperva customers are protected against CVE-2023-22518 in Confluence Data Center and Server
2023-11-03 22:58:05
rapid7blog
rapid7blog
Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518
2023-11-06 15:31:47
Metasploit Weekly Wrap-Up
2023-12-22 16:32:56
Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server
2024-01-19 15:40:43
qualysblog
qualysblog
Combine Qualys TruRiskβ„’ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk
2024-03-25 15:44:18

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON
Related for CONFLUENCE_CVE-2023-22518.NBIN
nuclei1talosblog1nvd1githubexploit8prion1cisa_kev1trendmicroblog1metasploit1attackerkb1cve1cvelist1thn5packetstorm1hivepro1nessus1zdt1malwarebytes1wallarmlab2impervablog1rapid7blog3qualysblog1