1. Summary
| Vulnerability Name | Atlassian Confluence Remote Code Execution Vulnerability (CVE-2023-22508) |
|---|---|
| Release Date | July 19, 2023 |
| Component Name | Atlassian Confluence Data Center & Server |
| Affected Versions | Confluence Data Center & Server < 7.13.20 |
| Vulnerability Type | Remote Code Execution Vulnerability |
| Severity | CVSS v3 Base Score: 8.5 (High) |
| Exploitability | Attack Vector: Network; Attack Complexity: High; Privileges Required: Low; User Interaction: None |
| Impact | Confidentiality Impact: High; Integrity Impact: High; Availability Impact: High |
2. About the Vulnerability (CVE-2023-22508)
2.1 About the Component
Atlassian Confluence Data Center is a collaborative software solution designed to facilitate teamwork and knowledge sharing within organizations. It ensures high availability and scalability by employing a distributed architecture across multiple nodes and data centers, accommodating the needs of large enterprises.
Atlassian Confluence Server is collaboration and documentation software that allows teams to work together and share knowledge effectively within an organization. It is a self-hosted solution, meaning it runs on a single server and is suitable for small to mid-sized teams.
2.2 About the Vulnerability
On July 19, 2023, Sangfor FarSight Labs received notification of a remote code execution vulnerability in Atlassian Confluence Data Center and Server, identified as CVE-2023-22508, with a severity rating of High (CVSS Score 8.5).
This remote code execution (RCE) vulnerability allows an authenticated attacker to execute arbitrary code. It has a high impact on confidentiality, integrity, and availability, and requires no user interaction.
3. Affected Versions
Confluence Data Center & Server < 7.13.20
Confluence Data Center & Server < 7.19.8
Confluence Data Center & Server < 8.2.0
4. Solutions
4.1 Atlassian Solution
4.1.1 Version Upgrade
Atlassian recommends that users upgrade to the latest version of Confluence Data Center/Server. Users who are unable to upgrade to the latest version are recommended to upgrade to the earliest fixed version: 8.2.0 (Feature Release), 7.19.8 (Long Term Support), or 7.13.20 (Long Term Support).
Link: https://www.atlassian.com/software/confluence/download-archives
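To apply the affected-version ranges and fixed releases above to an inventory of Confluence instances, here is an added triage helper (example code written for this alert, not Atlassian's or Sangfor's). It treats every release below 8.2.0 as affected unless it is on the 7.13 or 7.19 LTS branch at or above the listed fix, and picks the earliest fixed release that is an upgrade from the current one; the instance names and versions in the sample are constructed.

```python
from typing import Dict, Optional, Tuple

# Earliest fixed releases named in the advisory: two LTS fixes and the first
# fixed feature release. Anything below 8.2.0 that is not on a fixed LTS
# branch (for example 7.15.x or 8.1.x) is affected.
FIXED_RELEASES = [(7, 13, 20), (7, 19, 8), (8, 2, 0)]
FIRST_FIXED_FEATURE_RELEASE = (8, 2, 0)


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse a dotted GA version such as '7.19.7' into a comparable int tuple.
    Non-numeric components are rejected rather than silently treated as patched."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    # Pad to major.minor.patch so '7.19' compares like 7.19.0.
    return nums + (0,) * (3 - len(nums)) if len(nums) < 3 else nums


def is_affected(version: str) -> bool:
    """True if the release is affected by CVE-2023-22508 per the advisory."""
    v = parse_version(version)
    if v >= FIRST_FIXED_FEATURE_RELEASE:
        return False
    # On an LTS branch, the branch's own fix (if any) closes the issue.
    for fix in FIXED_RELEASES:
        if v[:2] == fix[:2] and v >= fix:
            return False
    return True


def recommended_upgrade(version: str) -> Optional[str]:
    """Earliest fixed release that is an upgrade from `version`, or None if
    the instance is already fixed. Assumes the smallest jump is preferred;
    Atlassian's first recommendation is the latest release."""
    if not is_affected(version):
        return None
    v = parse_version(version)
    target = min(fix for fix in FIXED_RELEASES if fix >= v)
    return ".".join(str(n) for n in target)


def triage(inventory: Dict[str, str]) -> Dict[str, Tuple[bool, Optional[str]]]:
    """Map each instance name to (affected, recommended upgrade)."""
    return {name: (is_affected(ver), recommended_upgrade(ver)) for name, ver in inventory.items()}


if __name__ == "__main__":
    sample = {"wiki-a": "7.13.19", "wiki-b": "7.19.8", "wiki-c": "8.1.4", "wiki-d": "7.15.3"}  # constructed
    for name, (affected, target) in triage(sample).items():
        print(f"{name}: {'AFFECTED, upgrade to ' + target if affected else 'fixed'}")
```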
5. Timeline
On July 19, 2023, Sangfor FarSight Labs received notification about the Atlassian Confluence Remote Code Execution Vulnerability (CVE-2023-22508).
On July 19, 2023, Sangfor FarSight Labs released a vulnerability alert.
6. Reference
https://jira.atlassian.com/browse/CONFSERVER-88221
https://nvd.nist.gov/vuln/detail/CVE-2023-22508
7. Learn More
Sangfor FarSight Labs researches the latest cyberthreats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyberthreats, providing fast and easy protection for customers.