all InfoSec news
Atlassian Confluence Unauthorized Admin Account (CVE-2023-22515)
Nov. 10, 2023, 6:23 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
The vulnerability attack is targeting an authentication bypass flaw in Atlassian Confluence Server and Confluence Data Center. The vulnerability is due to insufficient validation of user-supplied inputs. A successful exploitation may create an administrator account on the vulnerable server.
What is the Vendor Solution?
Atlassian released software updates to the affected products. For more information, click here.
What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature "Atlassian.Confluence.Unauthorized.Admin.Account.Creation" to detect and block any attack targeting …
account admin atlassian atlassian confluence atlassian confluence server attack authentication authentication bypass authentication bypass flaw bypass center confluence confluence data center confluence server cve cve-2023-22515 data data center exploitation flaw inputs may server software software updates solution targeting updates validation vendor vulnerability vulnerable what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
1 week, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Operations Manager-West Coast
@ The Walt Disney Company | USA - CA - 2500 Broadway Street
Vulnerability Analyst - Remote (WFH)
@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
Senior Mainframe Security Administrator
@ Danske Bank | Copenhagen V, Denmark