CVE-2023-22515: Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

Published Oct 4, 2023
·
Updated

Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.

Other sources

Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Affected Software

7 affected components
Atlassian Confluence Data Center and Server
Atlassian Confluence Data Center>=8.0.0<8.3.3
Atlassian Confluence Data Center>=8.4.0<8.4.3
Atlassian Confluence Data Center>=8.5.0<8.5.2
Atlassian Confluence Server>=8.0.0<8.3.3
Atlassian Confluence Server>=8.4.0<8.4.3
Atlassian Confluence Server>=8.5.0<8.5.2

Remediation

Information

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA.

Event History

Oct 4, 2023
CVE Published
via MITRE·02:00 PM
Data Sourced
via MITRE·02:00 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·02:15 PM
DescriptionSeverityWeaknessAffected Software
Oct 5, 2023
Known Exploited
via CISA·12:00 AM
Known Ransomware
via CISA·12:00 AM
Nov 8, 2023
News Published
02:00 PM
Feb 8, 2024
News Published
via The Register·07:28 AM
News Published
via The Register·07:31 AM
Feb 20, 58200
Event
02:10 AM
Invalid Date
News Published
Invalid Date

Peer vulnerabilities

Found alongside the following vulnerabilities.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2023-22515?

CVE-2023-22515 is a privilege escalation vulnerability in Atlassian Confluence Data Center and Server, which allows external attackers to create unauthorized Confluence administrator accounts and gain access to the system.

2

How severe is CVE-2023-22515?

CVE-2023-22515 has a critical severity rating with a severity value of 10.

3

Who is affected by CVE-2023-22515?

Users of Atlassian Confluence Data Center and Server versions are affected by CVE-2023-22515.

4

How can attackers exploit CVE-2023-22515?

Attackers can exploit CVE-2023-22515 by exploiting a vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized administrator accounts and gain unauthorized access to Confluence.

5

Is there a fix for CVE-2023-22515?

Yes, Atlassian has released security updates to address CVE-2023-22515. It is recommended to update to the latest version of Confluence Data Center and Server to mitigate the vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203