In a national cyber security alert to Australian industry, the ASD’s ACSC has told its subscribers that it is tracking a remote code execution (RCE) vulnerability in Atlassian Confluence Data Center and Confluence Server.
The ASD’s ACSC advised: “CVE-2023-22527 is a template injection vulnerability, in all but the most recent versions of Confluence Data Center and Server, that allows an unauthenticated attacker to achieve RCE.
Affected versions include Server 8 versions released before 05 December 2023 and 8.4.5.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.”
ASD’s ACSC says it is not aware of active exploitation of CVE-2023-22527 at this time.
Mitigation
Australian organisations should review their networks for use of vulnerable instances of Atlassian Confluence Data Center and Confluence Server, and consult Atlassian’s customer advisory for mitigation advice.