Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Atlassian CISO Urges Quick Action to Protect Confluence Instances From Critical Vulnerability

Atlassian warns that a critical vulnerability in Confluence Data Center and Server could lead to significant data loss if exploited.

Confluence exploitation

Enterprise software maker Atlassian on Monday urged all Confluence Data Center and Server customers to patch their instances against a critical-severity vulnerability that can be exploited without authentication.

The security defect, tracked as CVE-2023-22518 (CVSS score of 9.1), is described as an improper authorization bug that impacts all Confluence versions.

While it did not share technical details on the flaw in its advisory, Atlassian instead drew attention to the high impact successful exploitation would have.

“As part of our continuous security assessment processes, we have discovered that Confluence Data Center and Server customers are vulnerable to significant data loss if exploited by an unauthenticated attacker,” Atlassian CISO Bala Sathiamurthy notes.

“There are no reports of active exploitation at this time; however, customers must take immediate action to protect their instances,” Sathiamurthy continues.

According to Atlassian, the vulnerability has no impact on confidentiality, as no data exfiltration can occur from exploiting it.

Advertisement. Scroll to continue reading.

The issue has been addressed with the release of Confluence Data Center and Server versions 7.19.16, 8.3.4, 8.4.4, 8.5.3, and 8.6.1.

Customers that are unable to apply the patches are advised to back up their instances and block internet access to them until they can be patched.

“Instances accessible to the public internet, including those with user authentication, should be restricted from external network access until you can patch,” Atlassian notes.

The company also notes that, as per its policy regarding critical vulnerabilities, the patches will be back ported, and that new maintenance releases for all versions covered by the policy will become available.

“Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue,” the software maker notes.

Related: US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

Related: Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo

Related: Organizations Warned of Critical Confluence Flaw as Exploitation Continues

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Sherrod DeGrippo has been appointed Head of Threat Intelligence for Palo Alto Networks Unit 42.

Christopher Porter has joined Booz Allen Hamilton as Global Chief Information Security Officer.

Yael Ben Arie has joined exposure validation company Pentera as Chief Product Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.