Atlassian Customers Should Patch Latest Critical Vuln Immediately

Published: 23/11/2024   Category: security




Atlassian's CISO warns Confluence Data Center and Server customers that they're vulnerable to significant data loss if all on-premises versions aren't patched.



Atlassian has discovered yet another critical vulnerability in its Confluence Data Center and Server collaboration and project management platform, and it's urging customers to patch the problem immediately. The latest advisory by Atlassian describes CVE-2023-22518 as an improper authorization vulnerability that affects all on-premises versions of Confluence.
It is the second critical vulnerability reported by Atlassian in a month tied to its widely used Confluence Data Center and Server platform, and one of numerous security issues from the company during the past year. The previous bulletin (CVE-2023-22515) revealed a vulnerability that could allow an attacker to create unauthorized Confluence administrator accounts, thereby gaining access to instances. That vulnerability had a severity level of 10 and was discovered initially by some customers who reported they may have been breached by it.
To date, Atlassian is not aware of any active exploits of the newest vulnerability, which has a severity level of 9.1, though the company issued a statement encouraging customers to apply the patch. "We have discovered that Confluence Data Center and Server customers are vulnerable to significant data loss if exploited by an unauthenticated attacker," Atlassian CISO Bala Sathiamurthy warned in a statement. "Customers must take immediate action to protect their instances."
The new vulnerability does not affect confidentiality because an attacker can't exfiltrate any instance data, according to the advisory. Atlassian emphasized that only those running the on-premises version are affected, not those on the cloud or SaaS versions. Field Effect, a security intelligence provider, echoed Atlassian's advice that customers make patching the servers a priority.
"Based on the information Atlassian released, it would appear this vulnerability only allows threat actors to delete or otherwise make the data residing on vulnerable servers inaccessible to their rightful users," according to a blog post by the Field Effect security intelligence team. "Although this vulnerability is still a risk, it would be worse if actors were able to exfiltrate information to then extort the victim into paying the threat actor not to publicly release the data that was obtained."
Some customers used the advisory's comments section to ask instance-specific questions, such as whether a Web application firewall would be helpful. Others shared frustration with the latest discovery. "I feel like there's a vulnerability every month," according to a comment on the forum by a poster identified as Oufiniamine.
"Further information on this exploit and how to harden against it would really be helpful for those not having capacity to do this on a (by now: weekly) basis," added Michael Scholze, another commenter on the Atlassian support forum. "It also doesn't really spark confidence in your Cloud Product being safe, especially in context of each new LTS update on 7.19.x branch seemingly removing more and more functionality."
