Known Exploited Vulnerability
9.8
CRITICAL
CVE-2023-22527
Atlassian Confluence Data Center and Server Templa - [Actively Exploited]
Description

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.

INFO

Published Date :

Jan. 16, 2024, 5:15 a.m.

Last Modified :

Aug. 14, 2024, 3:23 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9
CISA Notification
CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Description :

Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.

Required Action :

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes :

https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html

Public PoC/Exploit Available at Github

CVE-2023-22527 has a 62 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2023-22527 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Atlassian confluence_server
2 Atlassian confluence_data_center
: Total Affected Vendor : 1 | Products : 2
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-22527.

URL Resource
http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html Exploit Third Party Advisory VDB Entry
https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 Vendor Advisory
https://jira.atlassian.com/browse/CONFSERVER-93833 Issue Tracking Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
admin772/POC

None

Updated: 1 week ago
0 stars 0 fork 0 watcher
Born at : Sept. 9, 2024, 1:28 a.m. This repo has been linked 128 different CVEs too.
Profile Photo
WhosGa/MyWiki

None

HTML

Updated: 1 week ago
0 stars 0 fork 0 watcher
Born at : Sept. 4, 2024, 9:24 a.m. This repo has been linked 128 different CVEs too.
Profile Photo
adminlove520/pocWiki

None

HTML

Updated: 1 month ago
5 stars 0 fork 0 watcher
Born at : Aug. 2, 2024, 6:07 a.m. This repo has been linked 123 different CVEs too.
Profile Photo
vulncheck-oss/go-exploit-cache

A utility for producing an HTTP cache database to use with go-exploit

Makefile Go

Updated: 1 week, 2 days ago
7 stars 0 fork 0 watcher
Born at : July 16, 2024, 6:30 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
ChalkingCode/ExploitedDucks

A super simple Cisa KEV lookup CLI tool leveraging DuckDB

Python

Updated: 1 month, 2 weeks ago
1 stars 0 fork 0 watcher
Born at : July 2, 2024, 7:56 p.m. This repo has been linked 33 different CVEs too.
Profile Photo
onewinner/VulToolsKit

红队武器库漏洞利用工具合集整理

HTML

Updated: 1 week, 1 day ago
188 stars 30 fork 30 watcher
Born at : June 27, 2024, 9:28 a.m. This repo has been linked 54 different CVEs too.
Profile Photo
AboSteam/POPC

None

Updated: 1 month, 3 weeks ago
1 stars 0 fork 0 watcher
Born at : June 14, 2024, 6:54 a.m. This repo has been linked 95 different CVEs too.
Profile Photo
BBD-YZZ/Confluence-RCE

confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)

Python

Updated: 3 weeks ago
2 stars 0 fork 0 watcher
Born at : May 29, 2024, 3:20 a.m. This repo has been linked 3 different CVEs too.
Profile Photo
ttate10/CVE-2023-22527

PoC for the NAPLISTENER exploit: https://nvd.nist.gov/vuln/detail/CVE-2023-22527 (Purpose: To practice automating exploits)

Python

Updated: 4 months ago
0 stars 0 fork 0 watcher
Born at : May 13, 2024, 9:04 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
toxyl/lscve

CLI utility to query Shodan's CVE DB

cve-search shodan shodan-client

Go

Updated: 4 months ago
0 stars 0 fork 0 watcher
Born at : May 12, 2024, 10 a.m. This repo has been linked 31 different CVEs too.
Profile Photo
k3ppf0r/2024-PocLib

此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现,POC已通过nuclei或xray武器化,本项目旨在为网络安全爱好者们提供一点参考资料,可供个人研究使用,共勉

Shell Batchfile Python ASP.NET Java Classic ASP PHP

Updated: 1 week, 3 days ago
200 stars 34 fork 34 watcher
Born at : May 8, 2024, 11:50 a.m. This repo has been linked 21 different CVEs too.
Profile Photo
wjlin0/poc-doc

None

HTML Python

Updated: 2 months, 2 weeks ago
13 stars 1 fork 1 watcher
Born at : April 17, 2024, 8:46 a.m. This repo has been linked 100 different CVEs too.
Profile Photo
jarrodcoulter/jankyjred-cyphercon

None

Java JavaScript HTML

Updated: 5 months, 1 week ago
0 stars 0 fork 0 watcher
Born at : March 31, 2024, 3:42 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
badsectorlabs/ludus_vulhub

An Ansible role that runs Vulhub environments on a Linux system.

Updated: 3 weeks, 6 days ago
12 stars 0 fork 0 watcher
Born at : March 6, 2024, 6:11 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
vulncheck-oss/cve-2023-22527

Three go-exploits exploiting CVE-2023-22527 to execute arbitrary code in memory

Dockerfile Makefile Go Java

Updated: 1 month, 2 weeks ago
3 stars 2 fork 2 watcher
Born at : March 4, 2024, 7:09 p.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-22527 vulnerability anywhere in the article.

  • The Hacker News
Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Software Security / Threat Intelligence Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gol ... Read more

Published Date: Sep 13, 2024 (3 days, 8 hours ago)
CVE-2024-6671 CVE-2024-6670 CVE-2024-4885 CVE-2023-22527
  • Cybersecurity News
Fileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw

Excel document containing pixelated screenshot | Image: TrellixIn a newly uncovered advanced malware campaign, threat actors are using a complex, fileless approach to deliver the Remcos Remote Access ... Read more

Published Date: Sep 13, 2024 (3 days, 18 hours ago)
CVE-2024-45076 CVE-2024-6500 CVE-2023-22527 CVE-2017-0199
  • Cybersecurity News
Fortinet Faces Potential Data Breach, Customer Data at Risk

In a concerning development for cybersecurity giant Fortinet, a potential data breach has come to light, raising alarms about the security of sensitive customer information. The incident reportedly af ... Read more

Published Date: Sep 12, 2024 (4 days, 5 hours ago)
CVE-2024-45076 CVE-2024-6500 CVE-2023-48788 CVE-2023-22527
  • Cybersecurity News
WhatsUp Gold Under Attack: New RCE Vulnerabilities Exploited

Timeline how the WhatsUp Gold Active Monitor PowerShell Script was abused | Image: Trend MicroTrend Micro researchers have uncovered a series of remote code execution (RCE) attacks targeting WhatsUp G ... Read more

Published Date: Sep 12, 2024 (4 days, 9 hours ago)
CVE-2024-45076 CVE-2024-6671 CVE-2024-6670 CVE-2024-6500 CVE-2023-22527
  • Cybersecurity News
Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch Malware Campaigns

Cybersecurity researchers at FortiGuard Labs have observed multiple campaigns targeting a critical vulnerability in GeoServer, an open-source geospatial data server. Identified as CVE-2024-36401, this ... Read more

Published Date: Sep 07, 2024 (1 week, 2 days ago)
CVE-2024-6500 CVE-2024-20419 CVE-2024-36401 CVE-2023-22527
  • Cybersecurity News
Webmin/Virtualmin Vulnerability Opens Door to Loop DoS Attacks (CVE-2024-2169)

System administrators and web hosting providers relying on the popular Webmin and Virtualmin control panels are urged to take immediate action following the disclosure of a critical vulnerability that ... Read more

Published Date: Sep 05, 2024 (1 week, 4 days ago)
CVE-2024-42005 CVE-2024-36451 CVE-2024-2169 CVE-2023-22527 CVE-2023-27532
  • TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – August, 2024

Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending August, 2024Subscribers favorite #1Velvet Ant AP ... Read more

Published Date: Sep 01, 2024 (2 weeks, 1 day ago)
CVE-2024-7971 CVE-2024-33536 CVE-2024-33535 CVE-2024-33533 CVE-2024-20399 CVE-2024-23897 CVE-2023-22527
  • TheCyberThrone
North Korean Citrine Sleet behind CVE-2024-7971 exploitation

Microsoft’s threat intelligence team discovered that a known North Korean threat actor exploiting a Chrome remote code execution flaw patched by Google earlier this month.The vulnerability, tracked as ... Read more

Published Date: Sep 01, 2024 (2 weeks, 1 day ago)
CVE-2024-7971 CVE-2024-38106 CVE-2023-22527
  • TheCyberThrone
Fortra fixes vulnerabilities in FileCatalyst Workflow

Fortra has released patches for two vulnerabilities in FileCatalyst Workflow impacts version  5.1.6 Build 139 and earlier.The first vulnerability tracked as CVE-2024-6633 with a CVSS score of 9.8 is d ... Read more

Published Date: Aug 31, 2024 (2 weeks, 2 days ago)
CVE-2024-6633 CVE-2024-6632 CVE-2024-7971 CVE-2023-22527
  • TheCyberThrone
APT29 compromised Mongolia with NSO and Intellexa tools

Google’s Threat Analysis Group has uncovered that Russian government-backed APT29 hackers targetting Mongolian government websites using exploits strikingly similar to those developed by commercial sp ... Read more

Published Date: Aug 31, 2024 (2 weeks, 2 days ago)
CVE-2024-7971 CVE-2024-5274 CVE-2024-4671 CVE-2023-22527 CVE-2023-41993
  • TheCyberThrone
Atlassian flaw CVE-2023-22527 exploited in Cryptomining campaigns

The critical template injection vulnerability in the Atlassian Confluence Data Center and Confluence Server is being actively exploited for cryptojacking campaigns that allow remote attackers to execu ... Read more

Published Date: Aug 30, 2024 (2 weeks, 3 days ago)
CVE-2024-7971 CVE-2023-22527
  • Cybersecurity News
Godzilla Backdoor: A Stealthy Threat Targeting Atlassian Confluence Flaw (CVE-2023-22527)

Attack chain | Image: TrendMicroA recent discovery by cybersecurity researchers at Trend Micro has unveiled a sophisticated new attack vector targeting Atlassian Confluence servers, leveraging the cri ... Read more

Published Date: Aug 30, 2024 (2 weeks, 3 days ago)
CVE-2024-6671 CVE-2024-6670 CVE-2024-6768 CVE-2023-22527 CVE-2018-0824
  • The Hacker News
Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

Cryptojacking / Vulnerability Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit crypto ... Read more

Published Date: Aug 30, 2024 (2 weeks, 3 days ago)
CVE-2024-7965 CVE-2023-22527
  • Trend Micro
Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Malware Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor. Summary Trend Micro researchers ... Read more

Published Date: Aug 30, 2024 (2 weeks, 3 days ago)
CVE-2023-22527
  • TheCyberThrone
CISA adds CVE-2024-7965 Chrome bug to its KEV catalog

The U.S. CISA added Google Chrome vulnerability to its Known Exploited Vulnerability Catalog following the mass exploitation in the wild.CVE-2024-7965; Google Chromium V8 contains an inappropriate imp ... Read more

Published Date: Aug 29, 2024 (2 weeks, 4 days ago)
CVE-2024-7971 CVE-2024-7965 CVE-2023-22527
  • TheCyberThrone
APT-C-60 Exploits WPS Office Vulnerabilities

Security researchers from ESET have identified two vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which is aligned with South Korea.APT-C-60, known f ... Read more

Published Date: Aug 29, 2024 (2 weeks, 4 days ago)
CVE-2024-7971 CVE-2024-7965 CVE-2024-7263 CVE-2024-7262 CVE-2023-22527
  • TheCyberThrone
RockWell Automation fixes Several vulnerabilities

Rockwell Automation has released patches for multiple vulnerabilities discovered in its ThinManager ThinServer software. These vulnerabilities, pose significant risks to systems running affected versi ... Read more

Published Date: Aug 29, 2024 (2 weeks, 4 days ago)
CVE-2024-7988 CVE-2024-7987 CVE-2024-7986 CVE-2024-7971 CVE-2023-22527
  • Dark Reading
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking

Source: KT Design via Adobe Stock PhotoThreat actors continue to exploit a critical remote code execution (RCE) Atlassian bug discovered in January, with new attack vectors that turn targeted cloud en ... Read more

Published Date: Aug 28, 2024 (2 weeks, 5 days ago)
CVE-2023-22527
  • TheCyberThrone
WordPress WPML Plugin Critical Vulnerability CVE-2024-6386

Researchers have uncovered a critical vulnerability in WPML multilingual CMS Plugin for WordPress that leads to a Remote Code Execution, which potentially allows the compromise of impacted websites.Th ... Read more

Published Date: Aug 28, 2024 (2 weeks, 5 days ago)
CVE-2024-7971 CVE-2024-6386 CVE-2024-38856 CVE-2023-22527
  • Cybersecurity News
Cryptojacking Campaign Exploits Atlassian Confluence CVE-2023-22527 Vulnerability

Attack chain used in the second attack vectorTrend Micro researchers have uncovered a widespread cryptojacking campaign leveraging a critical vulnerability (CVE-2023-22527) in the Atlassian Confluence ... Read more

Published Date: Aug 28, 2024 (2 weeks, 5 days ago)
CVE-2024-6500 CVE-2024-7532 CVE-2023-22527
  • TheCyberThrone
CISA adds Apache OFBiz Vulnerability CVE-2024-38856 to KEV Catalog

The U.S. CISA adds Apache OFBiz vulnerability to its KEV catalog following the mass exploitationCVE-2024-38856 : Apache OFBiz Incorrect Authorization Vulnerability: Apache OFBiz contains an incorrect ... Read more

Published Date: Aug 28, 2024 (2 weeks, 5 days ago)
CVE-2024-7971 CVE-2024-6386 CVE-2024-38856 CVE-2023-22527
  • Trend Micro
Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

Exploits & Vulnerabilities A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system. Summary The critical vu ... Read more

Published Date: Aug 28, 2024 (2 weeks, 5 days ago)
CVE-2023-22527
  • TheCyberThrone
CISA adds CV-2024-7971 to its KEV Catalog

The US CISA has added Google Chrome vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2024-7971 Google Chromium V8 contains a type of confusion ... Read more

Published Date: Aug 27, 2024 (2 weeks, 6 days ago)
CVE-2024-7971 CVE-2024-7965 CVE-2023-22527
  • TheCyberThrone
Google addressed 10th Zeroday in Chrome CVE-2024-7965

Google has released a patch to address a new Chrome zero-day vulnerability that is actively exploited.The vulnerability tracked as CVE-2024-7965 with a CVSS score of 8.8 is an inappropriate implementa ... Read more

Published Date: Aug 27, 2024 (2 weeks, 6 days ago)
CVE-2024-7971 CVE-2024-7965 CVE-2024-4671 CVE-2023-22527
  • TheCyberThrone
CISA adds Versa Networks Flaw CVE-2024-39717 to its KEV Catalog

The U.S. CISA has added CVE-2024-39717 to its Know exploited vulnerability catalog following the massive exploitation evidenceThis vulnerability CVE-2024-39717 affects Versa Networks’ Director GUI, sp ... Read more

Published Date: Aug 26, 2024 (3 weeks ago)
CVE-2024-39717 CVE-2024-7971 CVE-2024-6800 CVE-2023-22527
  • TheCyberThrone
GitHub fixes several vulnerabilities including CVE-2024-6800

GitHub has addressed several vulnerabilities in GitHub Enterprise Server (GHES) that could have allowed attackers to gain unauthorized access and manipulate repositories.The most critical vulnerabilit ... Read more

Published Date: Aug 25, 2024 (3 weeks, 1 day ago)
CVE-2024-39717 CVE-2024-7971 CVE-2024-7711 CVE-2024-6800 CVE-2024-6337 CVE-2024-38054 CVE-2023-22527
  • TheCyberThrone
PoC Exploit for Microsoft bug CVE-2024-38054 released

Security researcher ‘Frost’ has released proof-of-concept exploit code for the high-severity vulnerability in the Kernel Streaming WOW Thunk Service Driver could enable local attackers to escalate pri ... Read more

Published Date: Aug 25, 2024 (3 weeks, 1 day ago)
CVE-2024-7971 CVE-2024-6800 CVE-2024-38054 CVE-2024-20399 CVE-2023-22527
  • TheCyberThrone
Velvet Ant APT exploits Cisco bug CVE-2024-20399

Security researchers discovered that the China-linked APT group Velvet Ant has exploited the recently disclosed zero-day CVE-2024-20399 in Cisco switches to take over the network devices.Last month, C ... Read more

Published Date: Aug 24, 2024 (3 weeks, 2 days ago)
CVE-2024-28987 CVE-2024-7971 CVE-2024-38054 CVE-2024-20399 CVE-2023-22527
  • TheCyberThrone
SolarWinds fixes CVE-2024-28987 in WHD Product

SolarWinds has released an update to a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated attackers to gain unauthorized access to vulnerable instances.The v ... Read more

Published Date: Aug 24, 2024 (3 weeks, 2 days ago)
CVE-2024-40766 CVE-2024-28987 CVE-2024-7971 CVE-2024-28986 CVE-2024-20399 CVE-2023-22527
  • TheCyberThrone
Sonicwall fixes CVE-2024-40766 in SonicOS

SonicWall has released patch for a critical vulnerability  affecting their SonicOS and could allow unauthorized access to SonicWall firewalls, potentially leading to a complete system compromise.The v ... Read more

Published Date: Aug 24, 2024 (3 weeks, 2 days ago)
CVE-2024-40766 CVE-2024-28987 CVE-2024-7971 CVE-2023-22527
  • TheCyberThrone
Microsoft fixes Zeroday vulnerability CVE-2024-7971 in EDGE Browser

Microsoft has released patches for a critical vulnerability in EDGE Browser that is currently being exploited by malicious actors.This zero-day flaw, tracked as CVE-2024-7971, exists within Google Chr ... Read more

Published Date: Aug 23, 2024 (3 weeks, 3 days ago)
CVE-2024-41879 CVE-2024-38207 CVE-2024-38210 CVE-2024-38209 CVE-2024-38208 CVE-2024-7971 CVE-2023-22527
  • Cybersecurity News
Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities

Microsoft has released an urgent security update for its Edge browser, patching a critical vulnerability that is currently being exploited by malicious actors. This zero-day flaw, tracked as CVE-2024- ... Read more

Published Date: Aug 23, 2024 (3 weeks, 3 days ago)
CVE-2024-38210 CVE-2024-38209 CVE-2024-7971 CVE-2024-42005 CVE-2024-38529 CVE-2024-37906 CVE-2023-22527 CVE-2023-36735 CVE-2023-27532
  • Cybersecurity News
Critical Vulnerabilities Uncovered in Progress WhatsUp Gold (CVE-2024-6670 & CVE-2024-6671)

The Progress WhatsUp Gold team has recently disclosed multiple critical vulnerabilities affecting all versions of the software released before 2024.0.0. These vulnerabilities, identified as CVE-2024-6 ... Read more

Published Date: Aug 23, 2024 (3 weeks, 3 days ago)
CVE-2024-6672 CVE-2024-6671 CVE-2024-6670 CVE-2024-42005 CVE-2024-38529 CVE-2024-37906 CVE-2024-4885 CVE-2023-22527 CVE-2023-27532
  • TheCyberThrone
CISA adds multiple vulnerabilities to its KEV catalog

The U.S. CISA has added 4 vulnerabilities to it’d Known Exploited Vulnerabilities Catalog (KEV) belongs to Dahua, Microsoft, and Linux products based on the mass exploitationCVE-2022-0185Linux Kernel ... Read more

Published Date: Aug 22, 2024 (3 weeks, 4 days ago)
CVE-2024-7971 CVE-2023-22527 CVE-2022-0185 CVE-2021-33045 CVE-2021-33044 CVE-2021-31196
  • TheCyberThrone
Google fixes ninth Zeroday CVE-2024-7971 in Chrome

Google released an emergency security update to address a Chrome zero-day vulnerability, tracked as CVE-2024-7971, that is actively exploited.The vulnerability is a type confusion issue that resides i ... Read more

Published Date: Aug 22, 2024 (3 weeks, 4 days ago)
CVE-2024-7971 CVE-2024-38810 CVE-2024-5274 CVE-2024-4947 CVE-2024-4761 CVE-2024-4671 CVE-2024-3159 CVE-2024-2887 CVE-2024-2886 CVE-2024-0519 ...+1 more CVE
  • TheCyberThrone
Spring Security fixes CVE-2024-38810

A high-severity flaw has been discovered in Spring Security, potentially allowing unauthorized access to sensitive data within affected applications.Spring Security’s powerful method security features ... Read more

Published Date: Aug 22, 2024 (3 weeks, 4 days ago)
CVE-2024-7971 CVE-2024-21689 CVE-2024-38810 CVE-2023-22527
  • TheCyberThrone
Atlassian fixes CVE-2024-21689 vulnerability in Bamboo

Atlassian has issued a patch for a high severity vulnerability in its Bamboo Data Center and Server products, which is a Remote Code Execution.The vulnerability tracked as CVE-2024-21689 with a CVSS s ... Read more

Published Date: Aug 21, 2024 (3 weeks, 5 days ago)
CVE-2024-7971 CVE-2024-21689 CVE-2024-38810 CVE-2023-22527
  • TheCyberThrone
Microsoft Flaw CVE-2024-38193 exploited by Lazarus Group

During this month patch Tuesday, microsoft addressed nearly 90 flaws, some of which have already been exploited by hackers.One specific vulnerability, CVE-2024-38193 with a CVSS score of 7.8, is a  Br ... Read more

Published Date: Aug 20, 2024 (3 weeks, 6 days ago)
CVE-2024-7971 CVE-2024-38193 CVE-2023-22527
  • TheCyberThrone
F5 fixes NGINX and BIG-IP Vulnerabilities

F5 has recently released security advisories addressing vulnerabilities in its products. These vulnerabilities, if exploited, could lead to denial-of-service (DoS) attacks and unauthorized access, dis ... Read more

Published Date: Aug 20, 2024 (3 weeks, 6 days ago)
CVE-2024-7971 CVE-2024-39809 CVE-2024-39792 CVE-2024-38193 CVE-2024-23897 CVE-2023-22527
  • TheCyberThrone
CISA adds Jenkins bug CVE-2024-23897 to its KEV Catalog

The U.S. CISA added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.Jenkins has addressed the vulnerability tracked as CVE-2024 ... Read more

Published Date: Aug 20, 2024 (3 weeks, 6 days ago)
CVE-2024-7971 CVE-2024-7593 CVE-2024-2024 CVE-2024-23897 CVE-2023-22527 CVE-2023-43770
  • TheCyberThrone
CISA adds Jenkins bug CVE-2024-23897 to its KEV Catalog

The U.S. CISA added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.Jenkins has addressed the vulnerability tracked as CVE-2024 ... Read more

Published Date: Aug 19, 2024 (3 weeks, 6 days ago)
CVE-2024-7971 CVE-2024-7593 CVE-2024-2024 CVE-2024-23897 CVE-2023-22527 CVE-2023-43770
  • TheCyberThrone
PoC for IvantiTM vulnerability CVE-2024-7593 released

To limit the exploitability of this vulnerability, Ivanti recommends limiting Admin Access to the Management Interface internal to the network through the private / corporate network.The researchers a ... Read more

Published Date: Aug 19, 2024 (4 weeks ago)
CVE-2024-7971 CVE-2024-7593 CVE-2024-23897 CVE-2023-22527 CVE-2023-35082

The following table lists the changes that have been made to the CVE-2023-22527 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Modified Analysis by [email protected]

    Aug. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jul. 03, 2024

    Action Type Old Value New Value
    Added CWE CISA-ADP CWE-74
  • Modified Analysis by [email protected]

    Jun. 10, 2024

    Action Type Old Value New Value
    Changed Reference Type http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html No Types Assigned http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html Exploit, Third Party Advisory, VDB Entry
    Changed Reference Type https://jira.atlassian.com/browse/CONFSERVER-93833 Permissions Required https://jira.atlassian.com/browse/CONFSERVER-93833 Issue Tracking, Vendor Advisory
    Changed CPE Configuration OR *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (excluding) 8.5.4 *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 8.7.0 up to (excluding) 8.7.1 OR *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (excluding) 8.5.4 *cpe:2.3:a:atlassian:confluence_data_center:8.7.0:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Jan. 26, 2024

    Action Type Old Value New Value
    Added Reference Atlassian http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html [No types assigned]
  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Jan. 25, 2024

    Action Type Old Value New Value
    Added Vulnerability Name Atlassian Confluence Data Center and Server Template Injection Vulnerability
    Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
    Added Due Date 2024-02-14
    Added Date Added 2024-01-24
  • Initial Analysis by [email protected]

    Jan. 24, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 No Types Assigned https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 Vendor Advisory
    Changed Reference Type https://jira.atlassian.com/browse/CONFSERVER-93833 No Types Assigned https://jira.atlassian.com/browse/CONFSERVER-93833 Permissions Required
    Added CWE NIST CWE-74
    Added CPE Configuration OR *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (excluding) 8.5.4 *cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* versions from (including) 8.7.0 up to (excluding) 8.7.1
    Added CPE Configuration OR *cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (excluding) 8.5.4
  • CVE Modified by [email protected]

    Jan. 16, 2024

    Action Type Old Value New Value
    Changed Description Summary of Vulnerability A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. See “What You Need to Do” for detailed instructions. {panel:bgColor=#deebff} Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. {panel} Affected Versions ||Product||Affected Versions|| |Confluence Data Center and Server|8.0.x 8.1.x 8.2.x 8.3.x 8.4.x 8.5.0 8.5.1 8.5.2 8.5.3| Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center and Server|8.5.4 (LTS)| |Confluence Data Center|8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)| What You Need To Do Immediately patch to a fixed version Atlassian recommends that you patch each of your affected installations to the latest version. The listed Fixed Versions are no longer the most up-to-date versions and do not protect your instance from other non-critical vulnerabilities as outlined in Atlassian’s January Security Bulletin. ||Product||Fixed Versions||Latest Versions|| |Confluence Data Center and Server|8.5.4 (LTS)|8.5.5 (LTS)| |Confluence Data Center|8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)|8.7.2 or later (Data Center Only)| For additional details, please see full advisory. A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
  • CVE Modified by [email protected]

    Jan. 16, 2024

    Action Type Old Value New Value
    Changed Description Summary of Vulnerability A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. See “What You Need to Do” for detailed instructions. {panel:bgColor=#deebff} Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. {panel} Affected Versions ||Product||Affected Versions|| |Confluence Data Center and Server| 8.0.x 8.1.x 8.2.x 8.3.x 8.4.x 8.5.0 8.5.1 8.5.2 8.5.3| Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center and Server|8.5.4 (LTS)| |Confluence Data Center| 8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)| What You Need To Do Immediately patch to a fixed version Atlassian recommends that you patch each of your affected installations to the latest version. The listed Fixed Versions are no longer the most up-to-date versions and do not protect your instance from other non-critical vulnerabilities as outlined in Atlassian’s January Security Bulletin. ||Product||Fixed Versions||Latest Versions|| |Confluence Data Center and Server| 8.5.4 (LTS)| 8.5.5 (LTS) |Confluence Data Center| 8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)| 8.6.3 or later (Data Center Only) 8.7.2 or later (Data Center Only) For additional details, please see full advisory. Summary of Vulnerability A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. See “What You Need to Do” for detailed instructions. {panel:bgColor=#deebff} Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. {panel} Affected Versions ||Product||Affected Versions|| |Confluence Data Center and Server|8.0.x 8.1.x 8.2.x 8.3.x 8.4.x 8.5.0 8.5.1 8.5.2 8.5.3| Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center and Server|8.5.4 (LTS)| |Confluence Data Center|8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)| What You Need To Do Immediately patch to a fixed version Atlassian recommends that you patch each of your affected installations to the latest version. The listed Fixed Versions are no longer the most up-to-date versions and do not protect your instance from other non-critical vulnerabilities as outlined in Atlassian’s January Security Bulletin. ||Product||Fixed Versions||Latest Versions|| |Confluence Data Center and Server|8.5.4 (LTS)|8.5.5 (LTS)| |Confluence Data Center|8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)|8.7.2 or later (Data Center Only)| For additional details, please see full advisory.
  • CVE Received by [email protected]

    Jan. 16, 2024

    Action Type Old Value New Value
    Added Description Summary of Vulnerability A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. See “What You Need to Do” for detailed instructions. {panel:bgColor=#deebff} Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. {panel} Affected Versions ||Product||Affected Versions|| |Confluence Data Center and Server| 8.0.x 8.1.x 8.2.x 8.3.x 8.4.x 8.5.0 8.5.1 8.5.2 8.5.3| Fixed Versions ||Product||Fixed Versions|| |Confluence Data Center and Server|8.5.4 (LTS)| |Confluence Data Center| 8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)| What You Need To Do Immediately patch to a fixed version Atlassian recommends that you patch each of your affected installations to the latest version. The listed Fixed Versions are no longer the most up-to-date versions and do not protect your instance from other non-critical vulnerabilities as outlined in Atlassian’s January Security Bulletin. ||Product||Fixed Versions||Latest Versions|| |Confluence Data Center and Server| 8.5.4 (LTS)| 8.5.5 (LTS) |Confluence Data Center| 8.6.0 or later (Data Center Only) 8.7.1 or later (Data Center Only)| 8.6.3 or later (Data Center Only) 8.7.2 or later (Data Center Only) For additional details, please see full advisory.
    Added Reference Atlassian https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 [No types assigned]
    Added Reference Atlassian https://jira.atlassian.com/browse/CONFSERVER-93833 [No types assigned]
    Added CVSS V3 Atlassian AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-22527 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-22527 weaknesses.

CAPEC-3: Using Leading 'Ghost' Character Sequences to Bypass Input Filters Using Leading 'Ghost' Character Sequences to Bypass Input Filters CAPEC-6: Argument Injection Argument Injection CAPEC-7: Blind SQL Injection Blind SQL Injection CAPEC-8: Buffer Overflow in an API Call Buffer Overflow in an API Call CAPEC-9: Buffer Overflow in Local Command-Line Utilities Buffer Overflow in Local Command-Line Utilities CAPEC-10: Buffer Overflow via Environment Variables Buffer Overflow via Environment Variables CAPEC-13: Subverting Environment Variable Values Subverting Environment Variable Values CAPEC-14: Client-side Injection-induced Buffer Overflow Client-side Injection-induced Buffer Overflow CAPEC-24: Filter Failure through Buffer Overflow Filter Failure through Buffer Overflow CAPEC-28: Fuzzing Fuzzing CAPEC-34: HTTP Response Splitting HTTP Response Splitting CAPEC-42: MIME Conversion MIME Conversion CAPEC-43: Exploiting Multiple Input Interpretation Layers Exploiting Multiple Input Interpretation Layers CAPEC-45: Buffer Overflow via Symbolic Links Buffer Overflow via Symbolic Links CAPEC-46: Overflow Variables and Tags Overflow Variables and Tags CAPEC-47: Buffer Overflow via Parameter Expansion Buffer Overflow via Parameter Expansion CAPEC-51: Poison Web Service Registry Poison Web Service Registry CAPEC-52: Embedding NULL Bytes Embedding NULL Bytes CAPEC-53: Postfix, Null Terminate, and Backslash Postfix, Null Terminate, and Backslash CAPEC-64: Using Slashes and URL Encoding Combined to Bypass Validation Logic Using Slashes and URL Encoding Combined to Bypass Validation Logic CAPEC-67: String Format Overflow in syslog() String Format Overflow in syslog() CAPEC-71: Using Unicode Encoding to Bypass Validation Logic Using Unicode Encoding to Bypass Validation Logic CAPEC-72: URL Encoding URL Encoding CAPEC-76: Manipulating Web Input to File System Calls Manipulating Web Input to File System Calls CAPEC-78: Using Escaped Slashes in Alternate Encoding Using Escaped Slashes in Alternate Encoding CAPEC-79: Using Slashes in Alternate Encoding Using Slashes in Alternate Encoding CAPEC-80: Using UTF-8 Encoding to Bypass Validation Logic Using UTF-8 Encoding to Bypass Validation Logic CAPEC-83: XPath Injection XPath Injection CAPEC-84: XQuery Injection XQuery Injection CAPEC-101: Server Side Include (SSI) Injection Server Side Include (SSI) Injection CAPEC-105: HTTP Request Splitting HTTP Request Splitting CAPEC-108: Command Line Execution through SQL Injection Command Line Execution through SQL Injection CAPEC-120: Double Encoding Double Encoding CAPEC-135: Format String Injection Format String Injection CAPEC-250: XML Injection XML Injection CAPEC-267: Leverage Alternate Encoding Leverage Alternate Encoding CAPEC-273: HTTP Response Smuggling HTTP Response Smuggling
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

97.09 }} 0.22%

score

0.99819

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: