TechRadar
Sead Fadilpašić

Atlassian users need to patch their Confluence instances now to avoid data being destroyed by hackers


Confluence users can’t seem to catch a break, as makers Atlassian warn of yet another high-severity flaw that’s being abused in the wild.

This time, the vulnerability in question is an improper authorization flaw found in all versions of Confluence Data Center and Confluence Server. It’s being tracked as CVE-2023-22518 and carries a severity score of 9.1.

Hackers can use it to destroy data found on the affected servers. It seems as if they can’t steal the data, though, as Atlassian said there was “no impact to confidentiality as an attacker cannot exfiltrate any instance data”. What’s more, Atlassian Cloud sites accessed through an atlassian.net domain appear to be immune to the flaw. 

No exploitation yet

"As part of our continuous security assessment processes, we have discovered that Confluence Data Center and Server customers are vulnerable to significant data loss if exploited by an unauthenticated attacker," said Bala Sathiamurthy, Atlassian's Chief Information Security Officer (CISO), in an article on the company's website.

"There are no reports of active exploitation at this time; however, customers must take immediate action to protect their instances," he added.

Atlassian has fixed the vulnerability in Confluence Data Center and Server versions 7.19.16, 8.3.4, 8.4.4, 8.5.3, and 8.6.1.

Users are advised to apply the fix immediately. If, for any reason, they can’t do that, they should deploy mitigation measures, including backing up unpatched instances and blocking Internet access until they're upgraded.

"Instances accessible to the public internet, including those with user authentication, should be restricted from external network access until you can patch," the company said.
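The first step in acting on this advice is knowing which of your Confluence instances are still below a fixed release. The following Python script is an added example, not code from the article or from Atlassian; it encodes only the fixed versions the article lists (7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1), treats every other release of those products as vulnerable, and flags branches newer than 8.6 as "unknown" so that the operator checks Atlassian's advisory rather than trusting a guess. The inventory of hostnames and versions is constructed for the example; `assess_version` and `triage_inventory` are names chosen here, not any Atlassian API.

```python
"""Triage a Confluence Data Center / Server inventory against the fixed
versions Atlassian published for CVE-2023-22518.

Added example (not from the article or Atlassian). The fix lines come
from the article; everything else is an assumption labelled below.
"""

# Fixed releases named in the article, keyed by (major, minor) branch.
FIXED_VERSIONS = {
    (7, 19): (7, 19, 16),
    (8, 3): (8, 3, 4),
    (8, 4): (8, 4, 4),
    (8, 5): (8, 5, 3),
    (8, 6): (8, 6, 1),
}


def parse_version(text):
    """Turn '8.5.3' (or '8.5.3-rc1') into a comparable (major, minor, patch)
    tuple. Non-numeric suffixes on a component are ignored."""
    nums = []
    for part in text.strip().split("."):
        digits = ""
        for ch in part:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            raise ValueError("unparseable version: %r" % text)
        nums.append(int(digits))
    while len(nums) < 3:  # '8.6' is read as 8.6.0
        nums.append(0)
    return tuple(nums[:3])


def assess_version(text):
    """Return (status, detail) where status is one of
    'patched', 'vulnerable' or 'unknown'."""
    version = parse_version(text)
    branch = version[:2]

    if branch in FIXED_VERSIONS:
        fixed = FIXED_VERSIONS[branch]
        if version >= fixed:
            return "patched", "at or above %s" % ".".join(map(str, fixed))
        return "vulnerable", "upgrade to %s" % ".".join(map(str, fixed))

    # Assumption: a branch newer than the newest fix line listed in the
    # advisory is not something this script can judge; send the operator
    # to Atlassian's advisory instead of guessing.
    if branch > max(FIXED_VERSIONS):
        return "unknown", "branch newer than listed fix lines; check advisory"

    # All other releases (e.g. 8.0.x-8.2.x, 7.18.x) have no fixed build in
    # the advisory: the article says all versions are affected.
    return "vulnerable", "no fixed build on this branch; move to a fixed branch"


def triage_inventory(inventory):
    """Group an iterable of (hostname, version) pairs by status."""
    result = {"patched": [], "vulnerable": [], "unknown": []}
    for host, version in inventory:
        status, detail = assess_version(version)
        result[status].append((host, version, detail))
    return result


# Constructed inventory for the example; not real hosts.
SAMPLE_INVENTORY = [
    ("wiki-prod.example.internal", "8.5.3"),
    ("wiki-legacy.example.internal", "7.19.15"),
    ("wiki-test.example.internal", "8.2.0"),
    ("wiki-dev.example.internal", "8.7.0"),
]

if __name__ == "__main__":
    report = triage_inventory(SAMPLE_INVENTORY)
    for status in ("vulnerable", "unknown", "patched"):
        for host, version, detail in report[status]:
            print("%-10s %-32s %-8s %s" % (status, host, version, detail))
```

Instances that come back as "vulnerable" are the ones the article's mitigation applies to: back them up and cut external network access until they are on a fixed release. The "unknown" bucket is deliberate; it is better for a triage script to say "I don't know" about a branch the advisory does not list than to silently mark it safe.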

In mid-October this year, the FBI, CISA, and other agencies urged admins to apply a fix and secure their endpoints from CVE-2023-22515, another flaw found in Atlassian Confluence servers. 

"Due to the ease of exploitation, CISA, FBI, and MS-ISAC expect to see widespread exploitation of unpatched Confluence instances in government and private networks," the agencies warned at the time. 
