CISA Warns of Widespread Exploitation of Known Confluence Vulnerability
CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint advisory warning organizations of “widespread, continued exploitation” of a known bug in the popular Atlassian Confluence software, reports Lindsey O’Donnell-Welch.
The bug (CVE-2023-22515) can allow “threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator accounts,” and network administrators are urged to patch the flaw immediately.
Read more at Decipher.
10/18/2023