Rewterz Threat Alert – RedLine Stealer – Active IOCs
October 5, 2023Rewterz Threat Alert – Snake Keylogger Malware – Active IOCs
October 5, 2023Rewterz Threat Alert – RedLine Stealer – Active IOCs
October 5, 2023Rewterz Threat Alert – Snake Keylogger Malware – Active IOCs
October 5, 2023Severity
High
Analysis Summary
CVE-2023-22515
Atlassian Confluence Data Center and Server could allow a remote attacker to gain elevated privileges on the system, caused by an error related to the /setup/* endpoints on Confluence instances. An attacker could exploit this vulnerability to create administrator accounts that can be used to access Confluence instances.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-22515
Affected Vendors
Atlassian
Affected Products
- Atlassian Confluence Server 8.0.0
- Atlassian Confluence Data Center 8.0.0
- Atlassian Confluence Data Center 8.1.0
- Atlassian Confluence Data Center 8.2.0
Remediation
Refer to the ATLASSIAN Website for patch, upgrade or suggested workaround information.