Critical flaws in Atlassian product being exploited: ACSC

By Dylan Bushell-Embling
Tuesday, 07 November, 2023

Critical flaws in Atlassian product being exploited: ACSC

The Australian Cyber Security Centre (ACSC) has urged Atlassian customers to take immediate action to address two critical vulnerabilities discovered in Atlassian’s Confluence Data Center and Server product.

The newly discovered vulnerabilities, CVE-2023-22515 and CVE-2023-22518, are being actively exploited, reports to the ACSC indicate.

The centre warned it has assessed that there is “potentially significant exposure to these vulnerabilities in Australia”, that “any future exploitation would have significant impact to Australian systems and networks”.

CVE-2023-22515 could allow any malicious actor to create unauthorised Confluence administrator accounts and access Confluence instances, according to Atlassian’s threat advisory. It affects Confluence Data Center and Confluence Server products between version 8.0.0 and 8.5.1.

Meanwhile, CVE-2023-22518 allows attackers to cause data loss on vulnerable instances. Atlassian CISO Bala Sathiamurthy said the company has discovered that customers running unpatched systems are vulnerable to significant data loss if exploited by an unauthorised attacker.

Customers running affected versions of the product should patch to a fixed version as a matter of urgency, according to ACSC.

If they are unable to patch immediately, Atlassian has recommended temporary mitigations including backing up instances, removing them from the internet until a patch is applied and monitoring for evidence of compromise such as the presence of newly created accounts or unexpected members of the ‘confluence-administrators’ group.


Related News

IMT sector was Australia's most targeted in 2023: report

The information, media and technology sector has been the Australian industry most targeted...

ISACA identifies gaps in AI knowledge, training and policies

85% of digital trust professionals say they will need to increase their AI skills and knowledge...

VNC accounts for nearly all remote desktop attacks

Virtual Network Computing accounted for 98% of remote desktop attacks recorded by Barracuda last...

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd