Subscribe to receive notifications of new posts:

All Cloudflare customers protected from the Atlassian Confluence CVE-2023-22515

2023-10-04

1 min read

On 2023-10-04 at 13:00 UTC, Atlassian released details of the zero-day vulnerability described as “Privilege Escalation Vulnerability in Confluence Data Center and Server” (CVE-2023-22515), a zero-day vulnerability impacting Confluence Server and Data Center products.  

Cloudflare was warned about the vulnerability before the advisory was published and worked with Atlassian to proactively apply protective WAF rules for all customers. All Cloudflare customers, including Free, received the protection enabled by default. On 2023-10-03 14:00 UTC Cloudflare WAF team released the following managed rules to protect against the first variant of the vulnerability observed in real traffic.

Rule ID

Description

Default Action

New Managed Rules

…ec9f34e1

Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515

Block

Legacy Managed Rules

100604 and 100605

Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515

Block

Free Managed Rule

…91935fcb

Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515

Block

When CVE-2023-22515 is exploited, an attacker could access public Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts to access the instance. According to the advisory the vulnerability is assessed by Atlassian as critical. At the moment of writing a CVSS score is not yet known. More information can be found in the security advisory, including what versions of Confluence Server are affected.

Cloudflare's connectivity cloud protects entire corporate networks, helps customers build Internet-scale applications efficiently, accelerates any website or Internet application, wards off DDoS attacks, keeps hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.
AtlassianCVEWAF

Follow on X

Himanshu Anand|@anand_himanshu
Cloudflare|@cloudflare

Related posts

May 30, 2024 1:00 PM

Disrupting FlyingYeti's campaign targeting Ukraine

In April and May 2024, Cloudforce One employed proactive defense measures to successfully prevent Russia-aligned threat actor FlyingYeti from launching their latest phishing campaign targeting Ukraine...