June 3, 2024 at 05:09PM SonicWall Capture Labs found a high-severity remote code execution vulnerability (CVE-2024-21683) in Atlassian Confluence. It enables threat actors to execute arbitrary code with network access and macro language privileges. SonicWall released signatures to protect customers and warned about the available exploit code. Users are urged to upgrade due to Confluence … Read more
February 7, 2024 at 04:40AM The blog entry discusses the critical Atlassian Confluence vulnerability CVE-2023-22527, which facilitates remote code execution. Update to Confluence version 8.5.4 or 8.5.5 to address the flaw. The vulnerability’s technical breakdown, exploitation scenarios, and available security solutions are detailed, underscoring the urgency for patching and utilizing security measures. The meeting notes … Read more
January 22, 2024 at 08:45AM Security researchers detect exploitation attempts for the critical CVE-2023-22527 vulnerability affecting older Atlassian Confluence servers, potentially exposing them to remote code execution. Atlassian provides fixes for affected versions and reports multiple attempts to exploit the flaw, mainly from Russian IP addresses. Server administrators are advised to update to a secure … Read more
January 16, 2024 at 01:10PM A critical unauthenticated remote code execution (RCE) vulnerability affects Atlassian Confluence Data Center and Confluence Server versions released before Dec. 5 (CVE-2023-22527). The bug carries a 10/10 severity rating and affects versions 8.0.x to 8.5.3. Organizations should update to the latest versions to defend against potential cyber-attacks, as no mitigations … Read more
December 7, 2023 at 05:36AM Atlassian has issued critical patches for remote code execution vulnerabilities in Confluence and other products to address security flaws. Takeaways from Meeting: 1. Atlassian has issued patches for several critical-severity remote code execution vulnerabilities. 2. The vulnerabilities affect Confluence and several other Atlassian products. 3. Users are advised to apply … Read more
November 10, 2023 at 05:23AM Cerber ransomware has been exploiting the Atlassian Confluence vulnerability CVE-2023-22518. The vulnerability allows unauthorized users to reset and create a Confluence instance administrator account, granting them full admin privileges. Cerber previously targeted Atlassian in 2021. The ransomware uses an encoded PowerShell command to download and execute a remote payload, encrypting … Read more
November 7, 2023 at 01:55PM Active cyberattacks targeting unpatched Atlassian Confluence Data Center and Server technology have increased the vulnerability’s CVSS score from 9.1 to 10, the most critical rating. All versions of Atlassian Confluence Data Center and Server are affected, except for cloud instances. The attacks exploit an improper authorization flaw, allowing unauthorized access … Read more
November 6, 2023 at 12:40PM Attackers are exploiting a critical security flaw in Atlassian Confluence to encrypt files with Cerber ransomware. The flaw, tracked as CVE-2023-22518, received a severity rating of 9.1/10 and affects all versions of Confluence Data Center and Confluence Server software. Although there are currently no reports of active exploitation, Atlassian has … Read more
October 17, 2023 at 07:12AM The US cybersecurity agency CISA, together with the FBI and MS-ISAC, has issued a warning about a zero-day vulnerability in Atlassian Confluence Data Center and Server. Tracked as CVE-2023-22515, the flaw has been exploited by a nation-state threat actor since September 14. It allows unauthorized access, creation of administrative accounts, … Read more