"Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day"

Business software maker Atlassian recently called immediate attention to a major security defect in its Confluence Data Center and Server products and warned that the issue has already been exploited as a zero-day in the wild. Atlassian confirmed that “a handful of customers” were hit by exploits targeting a remotely exploitable flaw in Confluence Data Center and Server instances. The vulnerability, tracked as CVE-2023-22515, is described as a remotely exploitable privilege escalation issue affecting on-prem instances of Confluence Server and Confluence Data Center. The company noted that instances on the public internet are particularly at risk, as this vulnerability is exploitable anonymously. It also stated that upgrading will not remove the compromise if an instance has already been compromised, and that Atlassian Cloud sites are not vulnerable to this issue.

 

SecurityWeek reports: "Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day"

Submitted by Adam Ekwall on