CVSS: 10.0EPSS: 97%CPEs: 3EXPL: 21CVE-2023-22527 – Atlassian Confluence Data Center and Server Template Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-22527
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. Resumen de vulnerabilidad. Una vulnerabilidad de inyección de plantilla en versiones anteriores de Confluence Data Center y Server permite que un atacante no autenticado logre RCE en una instancia afectada. • https://github.com/vulncheck-oss/cve-2023-22527 https://github.com/RevoltSecurities/CVE-2023-22527 https://github.com/yoryio/CVE-2023-22527 https://github.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL https://github.com/VNCERT-CC/CVE-2023-22527-confluence https://github.com/Manh130902/CVE-2023-22527-POC https://github.com/Chocapikk/CVE-2023-22527 https://github.com/M0untainShley/CVE-2023-22527-MEMSHELL https://github.com/Vozec/CVE-2023-22527 https://github.com/thanhlam-attt/C • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-21674
https://notcve.org/view.php?id=CVE-2024-21674
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, no impact to integrity, no impact to availability, and does not require user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: * Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release * Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release * Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives ). Esta vulnerabilidad de ejecución remota de código (RCE) de alta gravedad se introdujo en la versión 7.13.0 de Confluence Data Center and Server. Vulnerabilidad de ejecución remota de código (RCE), con una puntuación CVSS de 8,6 y un vector CVSS de CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N /A:N permite que un atacante no autenticado exponga activos en su entorno susceptibles de explotación, lo que tiene un alto impacto en la confidencialidad, ningún impacto en la integridad, ningún impacto en la disponibilidad y no requiere interacción del usuario. Atlassian recomienda que los clientes de Confluence Data Center y Server actualicen a la última versión; si no puede hacerlo, actualice su instancia a una de las versiones fijas admitidas especificadas: * Confluence Data Center y Server 7.19: actualice a una versión 7.19.18, o cualquier versión superior 7.19.x * Confluence Data Center y Server 8.5: actualice a una versión 8.5.5 o cualquier versión superior 8.5.x * Confluence Data Center y Server 8.7: actualice a una versión 8.7.2 o cualquier versión superior Consulte la notas de la versión (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). • https://confluence.atlassian.com/security/security-bulletin-january-16-2024-1333335615.html https://jira.atlassian.com/browse/CONFSERVER-94066 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-22526
https://notcve.org/view.php?id=CVE-2023-22526
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 7.19.0 of Confluence Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Confluence Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Confluence Data Center and Server 7.19: Upgrade to a release 7.19.17, or any higher 7.19.x release Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]). This vulnerability was discovered by m1sn0w and reported via our Bug Bounty program Esta vulnerabilidad RCE (ejecución remota de código) de alta gravedad se introdujo en la versión 7.19.0 de Confluence Data Center. Esta vulnerabilidad RCE (ejecución remota de código), con una puntuación CVSS de 7,2, permite a un atacante autenticado ejecutar código arbitrario que tiene un alto impacto en la confidencialidad, un alto impacto en la integridad, un alto impacto en la disponibilidad y no requiere interacción del usuario. Atlassian recomienda que los clientes de Confluence Data Center actualicen a la última versión; si no pueden hacerlo, actualicen su instancia a una de las versiones fijas admitidas especificadas: Confluence Data Center y Server 7.19: actualice a una versión 7.19.17 o superior. Versión 7.19.x Confluence Data Center y Server 8.5: actualice a una versión 8.5.5 o superior. 8.5.x Confluence Data Center y Server 8.7: actualice a una versión 8.7.2 o superior. • https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 https://jira.atlassian.com/browse/CONFSERVER-93516 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-22522
https://notcve.org/view.php?id=CVE-2023-22522
This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly accessible Confluence Data Center and Server versions as listed below are at risk and require immediate attention. See the advisory for additional details Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. • https://confluence.atlassian.com/pages/viewpage.action?pageId=1319570362 https://jira.atlassian.com/browse/CONFSERVER-93502 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 95%CPEs: 10EXPL: 8CVE-2023-22518 – Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
https://notcve.org/view.php?id=CVE-2023-22518
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. Todas las versiones de Confluence Data Center y Server se ven afectadas por esta vulnerabilidad no explotada. • https://github.com/RevoltSecurities/CVE-2023-22518 https://github.com/ForceFledgling/CVE-2023-22518 https://github.com/0x0d3ad/CVE-2023-22518 https://github.com/Lilly-dox/Exploit-CVE-2023-22518 https://github.com/davidfortytwo/CVE-2023-22518 https://github.com/C1ph3rX13/CVE-2023-22518 https://github.com/bibo318/CVE-2023-22518 http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html https://confluence.atlassian.com/pages/viewpage.action?pageId=131147390 • CWE-863: Incorrect Authorization •