• Type: Public Security Vulnerability
• Resolution: Fixed
• Priority: Highest
• Fix Version/s: 8.5.2, 8.3.3, 8.4.3
• Affects Version/s: 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.1.1, 8.1.3, 8.2.1, 8.1.4, 8.2.2, 8.2.3, 8.3.1, 8.3.2, 8.4.1, 8.4.2, 8.5.1
• Component/s: None
• Labels:

  • fixed-versions-published
  • hot-conf-fixed

[CONFSERVER-92475] Broken Authentication & Session Management in Confluence Data Center and Server - CVE-2023-22515

Cathy S made changes - 13/Mar/2024 5:55 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 880201 ]

Dan Hranj made changes - 22/Feb/2024 12:50 AM

Remote Link

New: This issue links to "Page (Confluence)" [ 871585 ]

Renata Bueno made changes - 21/Feb/2024 5:31 PM

Remote Link

Original: This issue links to "Page (Confluence)" [ 822661 ]

Renata Bueno made changes - 21/Feb/2024 5:05 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 871552 ]

David Maye made changes - 04/Dec/2023 4:42 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 844369 ]

Nicole Round made changes - 31/Oct/2023 5:22 AM

Advisory URL

Original: https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276

New: https://confluence.atlassian.com/display/SECURITY/CVE-2023-22515+-+Broken+Access+Control+Vulnerability+in+Confluence+Data+Center+and+Server

Nicole Round made changes - 31/Oct/2023 5:22 AM

Description

Original: h2. Summary of Vulnerability Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.   {panel} _Atlassian Cloud sites are not affected by this vulnerability._ _If your Confluence site is accessed via an [atlassian.net|http://atlassian.net/] domain, it is hosted by Atlassian and is not vulnerable to this issue._ {panel} h2. Affected Versions *Versions prior to 8.0.0 are not affected by this vulnerability.* ||Product||Affected Versions|| |Confluence Data Center and Confluence Server| - 8.0.0  - 8.0.1  - 8.0.2  - 8.0.3  - 8.0.4  - 8.1.0  - 8.1.1  - 8.1.3  - 8.1.4  - 8.2.0  - 8.2.1  - 8.2.2  - 8.2.3  - 8.3.0  - 8.3.1  - 8.3.2  - 8.4.0  - 8.4.1  - 8.4.2  - 8.5.0  - 8.5.1|   h2. Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center Confluence Server| - 8.3.3 or later  - 8.4.3 or later  - 8.5.2 (Long Term Support release) or later| h2. What You Need to Do For affected versions, we strongly recommend:  * Upgrading to the fixed versions of Confluence Server or Data Center.  ** If unable to upgrade promptly, implement mitigations (refer to the M{_}itigations{_} section in the full advisory).  * Engaging your security team and check for indicators of compromise (refer to the _Threat Detection_ section in the full advisory). For additional details, please see the full advisory here: [https://confluence.atlassian.com/display/SECURITY/CVE-2023-22518+-+Improper+Authorization+Vulnerability+in+Confluence+Data+Center+and+Server]

New: h2. Summary of Vulnerability Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.   {panel} _Atlassian Cloud sites are not affected by this vulnerability._ _If your Confluence site is accessed via an [atlassian.net|http://atlassian.net/] domain, it is hosted by Atlassian and is not vulnerable to this issue._ {panel} h2. Affected Versions *Versions prior to 8.0.0 are not affected by this vulnerability.* ||Product||Affected Versions|| |Confluence Data Center and Confluence Server| - 8.0.0  - 8.0.1  - 8.0.2  - 8.0.3  - 8.0.4  - 8.1.0  - 8.1.1  - 8.1.3  - 8.1.4  - 8.2.0  - 8.2.1  - 8.2.2  - 8.2.3  - 8.3.0  - 8.3.1  - 8.3.2  - 8.4.0  - 8.4.1  - 8.4.2  - 8.5.0  - 8.5.1|   h2. Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center Confluence Server| - 8.3.3 or later  - 8.4.3 or later  - 8.5.2 (Long Term Support release) or later| h2. What You Need to Do For affected versions, we strongly recommend:  * Upgrading to the fixed versions of Confluence Server or Data Center.  ** If unable to upgrade promptly, implement mitigations (refer to the M{_}itigations{_} section in the full advisory).  * Engaging your security team and check for indicators of compromise (refer to the _Threat Detection_ section in the full advisory). For additional details, please see the full advisory here: [https://confluence.atlassian.com/display/SECURITY/CVE-2023-22515+-+Broken+Access+Control+Vulnerability+in+Confluence+Data+Center+and+Server]

Nicole Round made changes - 31/Oct/2023 5:21 AM

Description

Original: h2. Summary of Vulnerability Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.   {panel} _Atlassian Cloud sites are not affected by this vulnerability._ _If your Confluence site is accessed via an [atlassian.net|http://atlassian.net/] domain, it is hosted by Atlassian and is not vulnerable to this issue._ {panel} h2. Affected Versions *Versions prior to 8.0.0 are not affected by this vulnerability.* ||Product||Affected Versions|| |Confluence Data Center and Confluence Server| - 8.0.0  - 8.0.1  - 8.0.2  - 8.0.3  - 8.0.4  - 8.1.0  - 8.1.1  - 8.1.3  - 8.1.4  - 8.2.0  - 8.2.1  - 8.2.2  - 8.2.3  - 8.3.0  - 8.3.1  - 8.3.2  - 8.4.0  - 8.4.1  - 8.4.2  - 8.5.0  - 8.5.1|   h2. Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center Confluence Server| - 8.3.3 or later  - 8.4.3 or later  - 8.5.2 (Long Term Support release) or later| h2. What You Need to Do For affected versions, we strongly recommend:  * Upgrading to the fixed versions of Confluence Server or Data Center.  ** If unable to upgrade promptly, implement mitigations (refer to the M{_}itigations{_} section in the full advisory).  * Engaging your security team and check for indicators of compromise (refer to the _Threat Detection_ section in the full advisory). For additional details, please see the full advisory here: [https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276]

New: h2. Summary of Vulnerability Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.   {panel} _Atlassian Cloud sites are not affected by this vulnerability._ _If your Confluence site is accessed via an [atlassian.net|http://atlassian.net/] domain, it is hosted by Atlassian and is not vulnerable to this issue._ {panel} h2. Affected Versions *Versions prior to 8.0.0 are not affected by this vulnerability.* ||Product||Affected Versions|| |Confluence Data Center and Confluence Server| - 8.0.0  - 8.0.1  - 8.0.2  - 8.0.3  - 8.0.4  - 8.1.0  - 8.1.1  - 8.1.3  - 8.1.4  - 8.2.0  - 8.2.1  - 8.2.2  - 8.2.3  - 8.3.0  - 8.3.1  - 8.3.2  - 8.4.0  - 8.4.1  - 8.4.2  - 8.5.0  - 8.5.1|   h2. Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center Confluence Server| - 8.3.3 or later  - 8.4.3 or later  - 8.5.2 (Long Term Support release) or later| h2. What You Need to Do For affected versions, we strongly recommend:  * Upgrading to the fixed versions of Confluence Server or Data Center.  ** If unable to upgrade promptly, implement mitigations (refer to the M{_}itigations{_} section in the full advisory).  * Engaging your security team and check for indicators of compromise (refer to the _Threat Detection_ section in the full advisory). For additional details, please see the full advisory here: [https://confluence.atlassian.com/display/SECURITY/CVE-2023-22518+-+Improper+Authorization+Vulnerability+in+Confluence+Data+Center+and+Server]

hari made changes - 18/Oct/2023 2:49 AM

Remote Link

New: This issue links to "Page (Confluence)" [ 826020 ]

Lee Berg made changes - 13/Oct/2023 3:40 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 824682 ]

Load more older history items