CVE-2023-22522

Summary

This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly accessible Confluence Data Center and Server versions as listed below are at risk and require immediate attention. See the advisory for additional details

Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Affected Software

VendorProductVersion RangeStatus
AtlassianConfluence Data Center< 4.0.0unaffected
AtlassianConfluence Data Center>= 4.0.0affected
AtlassianConfluence Data Center>= 7.20.0affected
AtlassianConfluence Data Center>= 8.0.0affected
AtlassianConfluence Data Center>= 8.6.0affected
AtlassianConfluence Data Center>= 7.19.17unaffected
AtlassianConfluence Data Center>= 8.4.5unaffected
AtlassianConfluence Data Center>= 8.5.4unaffected
AtlassianConfluence Data Center>= 8.6.2unaffected
AtlassianConfluence Data Center>= 8.7.1unaffected
AtlassianConfluence Server< 4.0.0unaffected
AtlassianConfluence Server>= 4.0.0affected
AtlassianConfluence Server>= 7.20.0affected
AtlassianConfluence Server>= 8.0.0affected
AtlassianConfluence Server>= 8.6.0affected
AtlassianConfluence Server>= 7.19.17unaffected
AtlassianConfluence Server>= 8.4.5unaffected
AtlassianConfluence Server>= 8.5.4unaffected
AtlassianConfluence Server>= 8.6.2unaffected
AtlassianConfluence Server>= 8.7.1unaffected

Weaknesses

  • RCE (Remote Code Execution)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References