Fortra’s Alert Logic is researching a new template injection vulnerability on out-of-date versions of Confluence Data Center and Confluence Server. By exploiting this vulnerability (CVE-2023-22527), an unauthenticated attacker can achieve remote code execution. Customers are recommended to update to a patched version of Confluence Data Center and Server as soon as possible to resolve this vulnerability.
Who is affected?
Anyone using Confluence Data Center and Server between version 8.0.x and 8.5.3 is vulnerable.
What can I do?
Confluence recommends immediately patching a fixed version or the latest version of Confluence Data Center and Server, as listed below.
|Confluence Data Center and Server
|Confluence Data Center
|8.6.0 (Data Center Only)
8.7.1 (Data Center Only)
|8.7.2 (Data Center Only)
For more information about the vulnerability and patched versions, refer to Confluence’s security bulletin.
How is Alert Logic helping me?
Alert Logic is actively researching this threat to build detection capabilities in addition to those listed below.
Log Management: Alert Logic has deployed and is actively monitoring log telemetry related to known IOCs.
Alert Logic has kicked off the Emerging Threat process for this vulnerability. This article will be updated with new information about this vulnerability and related Alert Logic coverage as it becomes available. To follow updates for this vulnerability, click FOLLOW at the top of this article. You must be signed into the Support Center using your Alert Logic product credentials to follow this article.