Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

All Cloudflare Customers Protected from Atlassian Confluence CVE-2023-22515

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Himanshu Anand, Daniele Molteni, Sourov Zaman, Vaibhav Singhal, Ary Widdes, Myles Robinson
Word Count
160
Company Posts That Month
25
Language
English
Hacker News Points
-
Post removed?
No
Summary

On October 4th, 2023, Atlassian disclosed a zero-day vulnerability named "Privilege Escalation Vulnerability in Confluence Data Center and Server" (CVE-2023-22515), affecting their Confluence Server and Data Center products. Cloudflare was notified of the issue before the advisory's publication, working with Atlassian to apply protective WAF rules for all customers. The vulnerability allows an attacker to create unauthorized administrator accounts on public Confluence instances, assessed by Atlassian as critical; however, no CVSS score has been released yet. More information can be found in the security advisory, listing affected versions of Confluence Server.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.