Atlassian, a leading provider of team collaboration and productivity software, has addressed a high severity Remote Code Execution (RCE) vulnerability in Confluence Data Center & Server. The vulnerability, tracked as CVE-2023-22508, was introduced in version 6.1.0 of Confluence Data Center & Server and carries a CVSS score of 8.5.
The RCE vulnerability allows an authenticated attacker to execute arbitrary code, with high impact to confidentiality, integrity, and availability. Exploitation requires a valid account on the instance but no interaction from any other user, which is what makes it particularly dangerous: any low-privileged user who can log in, including a compromised or malicious insider account, could potentially take full control of an unpatched server. The vulnerability was discovered by a private user and reported via Atlassian’s Bug Bounty program.
Atlassian recommends that users upgrade their instances to the latest version. If an upgrade to the latest version is not possible, users should upgrade to the fixed version, 8.2.0. The latest version of Confluence Data Center & Server can be downloaded from the Atlassian download center.
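The first step for any team running Confluence is to find out which instances fall into the vulnerable range. The following triage helper is an added example, not code from Atlassian or from this article: it parses dotted version strings and flags every inventory entry whose version is at or above the introducing version (6.1.0) and below the fixed version (8.2.0) given on this page. The inventory is constructed sample data, and the `parse_version`, `is_affected` and `triage` names are my own. One caveat a practitioner should keep in mind: vendor advisories often ship fixes for older maintenance (LTS) branches as well, and this check only knows about the single fixed version the page names, so treat a flagged result as a prompt to consult the Atlassian advisory, not as a final verdict.

```python
"""Flag Confluence Data Center & Server instances in the range the page gives for
CVE-2023-22508: introduced in 6.1.0, fixed in 8.2.0.

Added example with constructed data; not Atlassian's tooling.
"""
from __future__ import annotations

from typing import NamedTuple

INTRODUCED_IN = "6.1.0"  # version that introduced the flaw, per the page
FIXED_IN = "8.2.0"       # fixed version named on the page; the vendor advisory may
                         # also list fixed LTS releases that this check does not model


def parse_version(version: str) -> tuple[int, int, int]:
    """Turn a dotted version such as '7.19.8' into (7, 19, 8).

    Assumption: versions are dotted integers, optionally followed by a
    non-numeric suffix on the last component (e.g. '8.2.0-rc1'), which is dropped.
    Missing components are padded with zeros so '8.2' compares equal to '8.2.0'.
    """
    parts: list[int] = []
    for piece in version.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return parts[0], parts[1], parts[2]


def is_affected(version: str, introduced: str = INTRODUCED_IN, fixed: str = FIXED_IN) -> bool:
    """True when introduced <= version < fixed, i.e. inside the vulnerable range."""
    return parse_version(introduced) <= parse_version(version) < parse_version(fixed)


class Instance(NamedTuple):
    host: str
    version: str


# Constructed inventory: hostnames and versions are made up for illustration.
SAMPLE_INVENTORY = [
    Instance("wiki-eng.example.internal", "7.13.0"),
    Instance("wiki-legacy.example.internal", "6.0.7"),
    Instance("wiki-hr.example.internal", "8.1.4"),
    Instance("wiki-new.example.internal", "8.2.0"),
    Instance("wiki-test.example.internal", "8.3.0-rc1"),
]


def triage(inventory: list[Instance]) -> dict[str, bool]:
    """Map each host to whether its version is inside the vulnerable range."""
    return {inst.host: is_affected(inst.version) for inst in inventory}


if __name__ == "__main__":
    for host, flagged in triage(SAMPLE_INVENTORY).items():
        status = "UPGRADE (in vulnerable range)" if flagged else "ok (outside range)"
        print(f"{host:35} {status}")
```

Running the block prints one line per host; the two 8.x hosts at or above 8.2.0 and the 6.0.7 host fall outside the range, while 7.13.0 and 8.1.4 are flagged for upgrade.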
Atlassian also addressed two other vulnerabilities in the same release cycle: CVE-2023-22505, an RCE vulnerability introduced in Confluence Data Center & Server 8.0.0, and CVE-2023-22506, an injection and RCE vulnerability introduced in Bamboo Data Center 8.0.0. Both allow an authenticated attacker to inject and execute remote code with no user interaction.
Atlassian’s response to these vulnerabilities underscores the role of bug bounty programs in surfacing flaws before they are exploited in the wild. Users of Confluence Data Center & Server and Bamboo Data Center are urged to update their systems immediately to mitigate the risk posed by these vulnerabilities.