Critical vulnerability in Atlassian Confluence server is under “mass exploitation” - fivenewscrypto
Terkini Populer Kategori
Headline
Loading...

lundi 6 novembre 2023

Critical vulnerability in Atlassian Confluence server is under “mass exploitation”

Critical vulnerability in Atlassian Confluence server is under “mass exploitation”
lundi 6 novembre 2023
Critical vulnerability in Atlassian Confluence server is under “mass exploitation”

Enlarge

A critical vulnerability in Atlassian’s Confluence enterprise server app that allows for malicious commands and reset servers is under active exploitation by threat actors in attacks that install ransomware, researchers said.

“Widespread exploitation of the CVE-2023-22518 authentication bypass vulnerability in Atlassian Confluence Server has begun, posing a risk of significant data loss,” Glenn Thorpe, senior director of security research and detection engineering at security firm GreyNoise, wrote on Mastodon on Sunday. “So far, the attacking IPs all include Ukraine in their target.”

He pointed to a page showing that between 12 am and 8 am on Sunday UTC (around 5 pm Saturday to 1 am Sunday Pacific Time), three different IP addresses began exploiting the critical vulnerability, which allows attackers to restore a database and execute malicious commands. The IPs have since stopped those attacks, but he said he suspected the exploits are continuing.

Read 11 remaining paragraphs | Comments


Share with your friends

Add your opinion
Disqus comments

Ads Auto