High Severity RCE Vulnerability in Atlassian’s Confluence Data Center & Server

Atlassian, a leading provider of team collaboration and productivity software, has recently addressed a high severity Remote Code Execution (RCE) vulnerability in its Confluence Data Center & Server. The vulnerability, tracked as CVE-2023-22508, was introduced in version 6.1.0 of Confluence Data Center & Server and has a CVSS score of 8.5.

The Vulnerability

The RCE vulnerability allows an authenticated attacker to execute arbitrary code, with high impact on confidentiality, integrity, and availability. The vulnerability does not require user interaction, which makes it particularly dangerous. It was discovered by a private user and reported via Atlassian’s Bug Bounty program.

The Impact

The vulnerability could allow attackers to execute remote code with minimal user interaction. In practice, an attacker who exploits an outdated, unpatched instance could potentially take full control of the affected system.

The Solution

Atlassian recommends that users upgrade their instance to the latest version. If an upgrade to the latest version is not possible, users should upgrade to the fixed version, 8.2.0. You can download the latest version of Data Center & Server from the Atlassian download center.
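The practical first step behind this advice is knowing which of your instances fall inside the affected range. The script below is an added example, not code from Atlassian or from this advisory: it encodes only the two version boundaries the text gives (introduced in 6.1.0, fixed in 8.2.0) and runs them over a constructed asset inventory, flagging anything that cannot be parsed rather than silently treating it as safe. The inventory entries, hostnames, and the `Host`/`triage` helpers are assumptions for illustration; any additional fixed release lines that Atlassian lists in its own advisory are not encoded here.

```python
"""First-pass inventory triage for CVE-2023-22508 (hypothetical helper, not Atlassian code).

Affected range is taken from the advisory summary: the flaw was introduced in
Confluence Data Center & Server 6.1.0 and fixed in 8.2.0.  Any other fixed
release lines Atlassian may publish are deliberately NOT encoded here, so treat
a hit as "needs review against the vendor advisory", not as a final verdict.
"""
import re
from typing import NamedTuple

INTRODUCED = (6, 1, 0)   # from the advisory: vulnerability introduced in 6.1.0
FIXED = (8, 2, 0)        # from the advisory: fixed version 8.2.0

# Accepts "major.minor" or "major.minor.patch"; trailing suffixes such as "-beta1" are ignored.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> tuple:
    """Parse a Confluence version string into a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(version: str) -> bool:
    """True when the version lies in the half-open range [INTRODUCED, FIXED)."""
    return INTRODUCED <= parse_version(version) < FIXED


class Host(NamedTuple):
    name: str
    product: str
    version: str


def triage(inventory) -> list:
    """Return (host name, version) pairs for Confluence hosts needing an upgrade.

    Non-Confluence products are skipped (CVE-2023-22508 concerns Confluence only).
    Unparseable versions are reported as UNKNOWN so they get a manual look.
    """
    hits = []
    for host in inventory:
        if host.product.lower() != "confluence":
            continue
        try:
            if is_affected(host.version):
                hits.append((host.name, host.version))
        except ValueError:
            hits.append((host.name, f"UNKNOWN({host.version})"))
    return hits


# Constructed sample inventory: hostnames and versions are made up for illustration.
SAMPLE_INVENTORY = [
    Host("wiki-prod-01", "Confluence", "7.19.8"),   # inside affected range
    Host("wiki-legacy", "Confluence", "6.0.7"),     # predates 6.1.0
    Host("wiki-new", "Confluence", "8.2.0"),        # fixed version
    Host("wiki-dev", "Confluence", "8.1.4"),        # inside affected range
    Host("ci-01", "Bamboo", "9.2.1"),               # different product, skipped
    Host("wiki-odd", "Confluence", "latest"),       # unparseable, surfaced as UNKNOWN
]

if __name__ == "__main__":
    for name, version in triage(SAMPLE_INVENTORY):
        print(f"{name}: {version} -> upgrade to 8.2.0 or later")
```

The range check is half-open on purpose: 6.1.0 itself is flagged because the text says the flaw was introduced there, while 8.2.0 is not because it is the fixed version. Feed `triage()` whatever your real inventory export looks like once it is mapped onto the `Host` shape.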

Other Vulnerabilities

Atlassian also addressed two other vulnerabilities in its Confluence Server, Data Center, and Bamboo Data Center products. These are CVE-2023-22505 (Confluence 8.0.0) and CVE-2023-22506 (Bamboo 8.0.0), both of which could allow authenticated attackers to inject and execute remote code with no user interaction.

Conclusion

Atlassian’s swift response to these vulnerabilities underscores the importance of proactive threat intelligence and the role of bug bounty programs in identifying potential threats. Users of Atlassian’s Confluence Data Center & Server are urged to update their systems immediately to mitigate the risk posed by these vulnerabilities.

Further Reading

For more details about the vulnerability, you can visit the CVE-2023-22508 page on Atlassian’s website or the National Vulnerability Database (NVD) page.