Atlassian is urging enterprise administrators to promptly update their on-premises Confluence Data Center and Server installations to address a critical security vulnerability (CVE-2023-22518), which, if exploited by an unauthenticated attacker, could result in “significant data loss.”
CVE-2023-22518 is classified as an improper authorization vulnerability, with no further details disclosed by the Australian software provider.
This vulnerability impacts all versions of Confluence Data Center and Server that precede versions 7.19.16, 8.3.4, 8.4.4, 8.5.3, and 8.6.1.
For instances running End of Life (EOL) versions, which may also be vulnerable, Atlassian recommends upgrading to a fixed LTS release or a later version.
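The affected-version condition above is the first thing an administrator needs to apply across an inventory of on-premises instances. The following triage helper is an added example, not code from Atlassian or from the advisory: it classifies a version string against the fixed releases the advisory names, treats branches older than those fixes as vulnerable, and reports branches newer than the last listed fix as "unknown" rather than assuming they are safe. The inventory list is constructed sample data.

```python
# Added example: triage on-prem Confluence Data Center/Server versions against
# the CVE-2023-22518 fixed releases (7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1).
from typing import Dict, List, Tuple

# Fixed releases from the advisory, keyed by release branch (major, minor).
FIXED_RELEASES: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (7, 19): (7, 19, 16),
    (8, 3): (8, 3, 4),
    (8, 4): (8, 4, 4),
    (8, 5): (8, 5, 3),
    (8, 6): (8, 6, 1),
}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'major.minor[.patch]' into an int tuple; patch defaults to 0."""
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Confluence version: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def classify(text: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown' for CVE-2023-22518."""
    major, minor, patch = parse_version(text)
    branch = (major, minor)
    if branch in FIXED_RELEASES:
        # Same branch as a fixed release: compare the patch level.
        return "fixed" if (major, minor, patch) >= FIXED_RELEASES[branch] else "vulnerable"
    if branch < max(FIXED_RELEASES):
        # Older branches (e.g. 7.18, 8.0-8.2) have no fix of their own; the
        # advisory states all versions before the fixed releases are affected.
        return "vulnerable"
    # Newer branches are not listed by the advisory; do not assume they are safe.
    return "unknown"


def triage_inventory(inventory: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Group hostnames by status so vulnerable instances can be prioritised."""
    result: Dict[str, List[str]] = {"vulnerable": [], "fixed": [], "unknown": []}
    for host, version in inventory:
        result[classify(version)].append(host)
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("wiki-prod.example.internal", "8.5.2"),
    ("wiki-dr.example.internal", "8.5.3"),
    ("wiki-legacy.example.internal", "7.19.15"),
    ("wiki-lab.example.internal", "8.7.0"),
]

if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{status:10s} {hosts}")
```

Hosts reported as vulnerable are the ones to patch first or, per the advisory, back up and remove from external network access until they can be upgraded.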
Atlassian Cloud sites remain unaffected by this vulnerability, with the company stating, “If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.”
While no active exploitation reports have surfaced, Atlassian advises immediate upgrades for all publicly accessible on-premises instances.
For administrators unable to patch immediately, the company suggests creating a backup of the instance and temporarily disconnecting it from the internet. Atlassian also emphasizes that instances accessible to the public internet, even those with user authentication, should be restricted from external network access until the patch can be applied.
Earlier this month, Atlassian released critical patches for Confluence Data Center and Server, addressing CVE-2023-22515, a zero-day vulnerability related to broken access control that was actively exploited by a state-backed threat actor.
Zero-day and n-day vulnerabilities in Confluence Data Center and Server are frequently exploited by a range of attackers.