claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2023-22515-atlassian-confluence-data-center-and-server.log

CVE-2023-22515 — Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

2023-10-05 • CISA Known Exploited Vulnerability

[event] Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.

> AFFECTED SOFTWARE

Field Value
Vendor Atlassian
Product Confluence Data Center and Server
CVE ID CVE-2023-22515
Date Added 2023-10-05
Due Date 2023-10-13
Ransomware Campaign Known — this vulnerability has been leveraged in ransomware campaigns

> MITIGATION

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA.

Due Date: 2023-10-13

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:10 UTC