all InfoSec news
Atlassian Fixes Zero Day in Confluence
Malware Analysis, News and Indicators - Latest topics malware.news
Atlassian is warning customers about a critical new privilege escalation flaw in many versions of its Confluence product that attackers have been exploiting in the wild.
Many privilege escalation flaws are only locally exploitable, but this appears to be one of the uncommon cases where the flaw may be remotely exploitable. In its advisory, Atlassian said that customers had alerted the company to exploitation of a new flaw (CVE-2023-22515) in the Confluence Server and Data Center products.
“Atlassian has been …
advisory atlassian attackers cases confluence critical customers escalation exploiting fixes flaw flaws locally may privilege privilege escalation privilege escalation flaw product uncommon warning