CVE-2023-22515
Summary
A critical vulnerability in Confluence Data Center and Server allows attackers to create unauthorized administrator accounts on publicly exposed instances, gaining full control of the system.
Technical detail
An improper input validation vulnerability (CWE-20) in Confluence Data Center and Server allows unauthenticated attackers to create malicious administrator accounts through a publicly accessible instance, bypassing authentication controls and resulting in complete system compromise. Confluence Cloud instances are not affected.
Summary generated and translated by AI from the official description.
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Public PoCs found: 30
GitHub: github.com/Chocapikk/CVE-2023-22515 ★ 153
GitHub: github.com/ad-calcium/CVE-2023-22515 ★ 110
GitHub: github.com/ErikWynter/CVE-2023-22515-Scan ★ 79
GitHub: github.com/AIex-3/confluence-hack ★ 52
GitHub: github.com/K4ptor/CVE-2023-22515 ★ 25
GitHub: github.com/aaaademo/Confluence-EvilJar ★ 23
GitHub: github.com/youcannotseemeagain/CVE-2023-22515_RCE ★ 20
GitHub: github.com/j3seer/CVE-2023-22515-POC ★ 8
GitHub: github.com/Le1a/CVE-2023-22515 ★ 6
GitHub: github.com/kh4sh3i/CVE-2023-22515 ★ 5
GitHub: github.com/spareack/CVE-2023-22515-NSE ★ 4
GitHub: github.com/Vulnmachines/confluence-cve-2023-22515 ★ 3
GitHub: github.com/LucasPDiniz/CVE-2023-22515 ★ 2
GitHub: github.com/fyx1t/NSE--CVE-2023-22515 ★ 2
GitHub: github.com/rxerium/CVE-2023-22515 ★ 1
GitHub: github.com/iveresk/CVE-2023-22515 ★ 1
GitHub: github.com/Arkha-Corvus/LetsDefend-SOC235-Atlassian-Confluence-Broken-Access-Control-0-Day-CVE-2023-22515-EventID-197 ★ 1
GitHub: github.com/C1ph3rX13/CVE-2023-22515 ★ 1
GitHub: github.com/dkq-k/cve-2023-22515-1 ★ 0
GitHub: github.com/DsaHen/cve-2023-22515-exp ★ 0
GitHub: github.com/edsonjt81/CVE-2023-22515-Scan. ★ 0
GitHub: github.com/INTfinityConsulting/cve-2023-22515 ★ 0
GitHub: github.com/s1d6point7bugcrowd/CVE-2023-22515-check ★ 0
GitHub: github.com/xorbbo/cve-2023-22515 ★ 0
GitHub: github.com/Onedy1703/CVE-2023-22515-Confluence ★ 0
GitHub: github.com/tranphuc2005/CVE-2023-22515 ★ 0
GitHub: github.com/vivigotnotime/CVE-2023-22515-Exploit-Script ★ 0
GitHub: github.com/CyberSentinel321/cve-2023-22515-lab ★ 0
GitHub: github.com/dkq-k/CVE-2023-22515 ★ 0
CVE reference: packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html (unverified)
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html
https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515
https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276
https://jira.atlassian.com/browse/CONFSERVER-92475
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22515