HTTP: Improper Authorization in Confluence Data Center and Server
This signature detects attempts to exploit a known vulnerability against Confluence Data Center and Server. A successful attack can lead to security bypass.
Extended Description
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available toConfluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
Affected Products
Atlassian confluence_server
References
CVE: CVE-2023-22518
Short Name
HTTP:CTS:CONFLUENCE-IMP-AUTH
Severity
Major
Recommended
True
Recommended Action
None
Category
HTTP
Keywords
Authorization CVE-2023-22518 Center Confluence Data Improper Server and in
Release Date
11/09/2023
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3653
False Positive
Unknown
Vendors
Atlassian