The Cybersecurity & Infrastructure Security Agency (CISA), FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515.
According to the Alert, “this critical vulnerability affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator accounts.”
The vulnerability is being exploited actively as a zero-day vulnerability and the threat actors are able to “continue active exploitation post-patch. Atlassian has rated this vulnerability as critical; CISA, FBI, and MS-ISAC expect widespread, continued exploitation due to ease of exploitation.”
CISA, FBI, and MS-ISAC “strongly encourage network administrators to immediately apply the upgrades provided by Atlassian.” They also urge organizations to “hunt for malicious activity on their networks” using the information provided in the Alert.
Additionally, the Advisory “strongly encourage[s] upgrading to a fixed version or taking servers offline to apply necessary updates.”
Please pass this post along and alert any organizations you know that are using Atlassian to heed to the measures urged by the Advisory.