Atlassian Confluence Unauthorized Admin Account (CVE-2023-22515)
Description
What is the Attack?
The attack targets an authentication bypass flaw in Atlassian Confluence Server and Confluence Data Center. The vulnerability is due to insufficient validation of user-supplied input. Successful exploitation may create an administrator account on the vulnerable server.
What is the Vendor Solution?
Atlassian released software updates for the affected products.
What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature "Atlassian.Confluence.Unauthorized.Admin.Account.Creation" to detect and block any attack targeting CVE-2023-22515.
FortiGuard Labs also advises installing the latest available patch for the affected products from the vendor as soon as possible.