Atlassian Bug Escalated to 10, All Unpatched Instances Vulnerable

Published : 23/11/2024   Category : security




Active ransomware attacks against vulnerable Atlassian Confluence Data Center and Server instances ratchet up the risk to enterprises, now reflected in the bug's revised CVSS score of 10.



Active ransomware and other cyberattacks against unpatched Atlassian Confluence Data Center and Server deployments have driven the CVSS score of the related vulnerability up from its original 9.1 to 10, the most critical rating on the scale.
All versions of Atlassian Confluence Data Center and Server are affected, according to Atlassian; Confluence Cloud instances are not.
The improper-authorization flaw's score, tracked as CVE-2023-22518, was raised because of a change in the scope of the attack, according to the Atlassian advisory, which added that active exploitation of the bug, including ransomware, has now been observed. Researchers at Rapid7 also issued an advisory warning of snowballing attacks that began over the weekend.
Atlassian, an Australian company, develops tools for software development and collaboration.
This improper authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account, the advisory added. Using that account, an attacker can perform every administrative action available to a Confluence instance administrator, leading to a full loss of confidentiality, integrity and availability.
First disclosed on Oct. 31, the Atlassian Confluence vulnerability was observed under active exploitation by Nov. 3.
Right now, Atlassian said it can't confirm which customer instances have been affected by the active attacks, but the company warns security teams to look for the following indicators:
loss of login or access
requests to /json/setup-restore* in network access logs
installed unknown plugins, with observed reports of a plugin named web.shell.Plugin
encrypted files or corrupted data
unexpected members of the confluence-administrators group
unexpected newly created user accounts
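The second indicator above, requests to /json/setup-restore* in access logs, is the one a defender can check mechanically. The following script is an added example written for this page, not Atlassian's or Rapid7's code. It parses access-log lines in the common Apache/Tomcat "combined" format (an assumption; adjust the regex if your Confluence deployment logs differently), flags every request whose path begins with the /json/setup-restore prefix named in the advisory, and records whether the server accepted or rejected each request, so that accepted requests from unexpected source addresses can be triaged first. The sample log lines are constructed for the example.

```python
import re
from collections import Counter
from typing import Dict, List, Optional

# Apache/Tomcat "combined" access-log format (assumption: adjust to your format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Atlassian's advisory tells defenders to look for requests to /json/setup-restore*.
# A prefix match on the path (query string stripped) implements exactly that.
SUSPECT_PREFIX = "/json/setup-restore"

# Constructed sample log lines for the example; the two setup-restore paths
# are illustrative matches for the advisory's wildcard, not captured traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [03/Nov/2023:10:12:01 +0000] "GET /login.action HTTP/1.1" 200 5120
203.0.113.7 - - [03/Nov/2023:10:12:05 +0000] "POST /json/setup-restore.action?synchronous=true HTTP/1.1" 200 1348
198.51.100.22 - - [03/Nov/2023:10:13:40 +0000] "POST /json/setup-restore-local.action HTTP/1.1" 403 0
192.0.2.9 - jdoe [03/Nov/2023:10:14:02 +0000] "GET /rest/api/content/123 HTTP/1.1" 200 2210
this line is deliberately malformed and must be skipped, not crash the scan
"""


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return the named fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(rec: Dict[str, str]) -> str:
    """'accepted' when the server answered 2xx/3xx, 'rejected' for 4xx/5xx.

    An accepted request only means the endpoint answered; whether the reset
    actually succeeded must be confirmed against the other indicators
    (new admin accounts, unknown plugins, members of confluence-administrators).
    """
    return "accepted" if rec["status"][0] in "23" else "rejected"


def find_setup_restore_requests(lines: List[str]) -> List[Dict[str, str]]:
    """Return every parsed request whose path starts with the advisory's prefix."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line: skip rather than abort the whole scan
        path = rec["path"].split("?", 1)[0]  # ignore query string when matching
        if path.startswith(SUSPECT_PREFIX):
            rec = dict(rec, path=path, verdict=classify(rec))
            hits.append(rec)
    return hits


def accepted_by_source(hits: List[Dict[str, str]]) -> Dict[str, int]:
    """Count accepted setup-restore requests per source IP for triage ordering."""
    return dict(Counter(h["ip"] for h in hits if h["verdict"] == "accepted"))


if __name__ == "__main__":
    found = find_setup_restore_requests(SAMPLE_LOG.splitlines())
    for h in found:
        print(f'{h["ts"]} {h["ip"]:>15} {h["method"]} {h["path"]} -> {h["status"]} ({h["verdict"]})')
    print("accepted requests per source:", accepted_by_source(found))
```

Run it against a real log with `find_setup_restore_requests(open(path).readlines())`; any accepted request to the prefix is a signal to pull the instance offline and check for the remaining indicators, since the advisory says affected instances cannot be identified by Atlassian from its side.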
