← back
CVE-2023-22527

CVE-2023-22527

CVSS 10 CRITICALEPSS 100.0%● KEVCWE-74
In short

Older versions of Confluence Data Center and Server have a template injection flaw that lets attackers without login credentials run arbitrary code on the server. This is a critical issue requiring immediate patching.

Technical detail

A template injection vulnerability (CWE-74) in affected Confluence versions allows unauthenticated remote code execution through malicious template input. The vulnerability exists in older versions and has been mitigated in current supported releases; exploitation requires only network access to the affected instance.

Summary generated and translated by AI from the official description.
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Atlassian · Confluence Data CenterAtlassian · Confluence Server
public PoCs found23
githubgithub.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL76githubgithub.com/M0untainShley/CVE-2023-22527-MEMSHELL40githubgithub.com/Avento/CVE-2023-22527_Confluence_RCE26githubgithub.com/Manh130902/CVE-2023-22527-POC22githubgithub.com/VNCERT-CC/CVE-2023-22527-confluence19githubgithub.com/Vozec/CVE-2023-2252714githubgithub.com/RevoltSecurities/CVE-2023-2252710githubgithub.com/Chocapikk/CVE-2023-225279githubgithub.com/vulncheck-oss/cve-2023-225276githubgithub.com/BBD-YZZ/Confluence-RCE5githubgithub.com/Privia-Security/CVE-2023-225275githubgithub.com/thanhlam-attt/CVE-2023-225275githubgithub.com/adminlove520/CVE-2023-225275githubgithub.com/C1ph3rX13/CVE-2023-225274githubgithub.com/yoryio/CVE-2023-225274githubgithub.com/Drun1baby/CVE-2023-225272githubgithub.com/Niuwoo/CVE-2023-225272githubgithub.com/mylo-2001/AtlassianPwn1githubgithub.com/MaanVader/CVE-2023-22527-POC1githubgithub.com/kh4sh3i/CVE-2023-225271githubgithub.com/thompson005/CVE-2023-225270githubgithub.com/YongYe-Security/CVE-2023-225270cve_referencepacketstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.htmlhttps://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615https://jira.atlassian.com/browse/CONFSERVER-93833https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22527https://www.vicarius.io/vsociety/posts/pwning-confluence-via-ognl-injection-for-fun-and-learning-cve-2023-22527