Flash Notice: Critical Atlassian Confluence Vulnerability, Could Result in Data Loss

overview

A vulnerability (CVE-2023-22518) was found in Atlassian’s Confluence Data Center and Server. The vulnerability has a CVSS score of 9.1 and is an improper authorization flaw. The security flaw impacts all versions of Confluence Data Center and Server and organizations could face data loss if the vulnerability is exploited.  

Although no specific details about the flaw have been disclosed, it is important to act quickly to secure your instances. While this vulnerability could potentially lead to data loss if exploited, Atlassian emphasizes that there is no risk to confidentiality, as attackers cannot extract instance data. Atlassian states that Cloud sites accessed via atlassian.net domains are unaffected.  

As of now, there is no evidence of active exploitation in the wild. However, it is worth noting that previously discovered software vulnerabilities, such as CVE-2023-22515, have been weaponized by threat actors. Due to recent reports of widespread attacks targeting Confluence servers, Avertium highly recommends organizations apply the appropriate updates as soon as possible.  

avertium's recommendationS

• Atlassian has released patches for the following versions:  
  • 7.19.16 or later 
  • 8.3.4 or later 
  • 8.4.4 or later 
  • 8.5.3 or later 
  • 8.6.1 or later 
• If you cannot patch immediately, Atlassian recommends backing up unpatched instances and disconnecting instances accessible via the public internet until the patch can be applied.  
  • Please note, users running versions outside the support window are strongly advised to upgrade to a fixed version. 
• Please see mitigation and patch guidance in Atlassian’s advisory.  

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2023-46747. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

How Avertium is Protecting Our CUSTOMERS

• Expanding endpoints, cloud computing environments, and accelerated digital transformation have decimated the perimeter in an ever-expanding attack surface. Avertium offers Attack Surface Management, so you’ll have no more blind spots, weak links, or fire drills. See every threat in your attack surface, every device, every entry point, and every vulnerability. Our Attack Surface Management services include:  
  • Risk Assessments 
  • Pen Testing and Social Engineering  
  • Infrastructure Architecture and Integration  
  • Zero Trust Network Architecture 
  • Vulnerability Management 
• Fusion MXDR is the first MDR offering that fuse together all aspects of security operations into a living, breathing, threat-resistant XDR solution. By fusing insights from threat intelligence, security assessments, and vulnerability management into our MDR approach, Fusion MXDR offers a more informed, robust, and cost-effective approach to cybersecurity – one that is greater than the sum of its parts. 
• Avertium offers Vulnerability Management (VM) to provide a deeper understanding and control over organizational information security risks.  If your enterprise is facing challenges with the scope, resources, or skills required to implement a vulnerability management program with your team, outsourced solutions can help you bridge the gap. 
• Note: We highly value your feedback. Kindly spare a moment to complete our feedback form, allowing us to enhance our services for our valued customers. 

SUPPORTING DOCUMENTATION