all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Increase in Exploit Attempts for Atlassian Confluence Server (CVE-2023-22518), (Wed, Dec 20th)

Add to bookmarks
Dec. 20, 2023, 4:15 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Today, exploit attempts for %%cve:2023-22518%% cross the “significant” threshold for our “First Seen URLs” list. The URL being accessed, “/json/setup-restore.action?synchronous=true”, can be used to bypass authentication [1]. Due to a failure to properly control access to this path, the attacker can execute the “setup-restore” feature, which restores the database using attacker-supplied data and can lead to system command execution.


Article Link: https://isc.sans.edu/diary/rss/30502


1 post - 1 participant


Read full topic

access action atlassian atlassian confluence atlassian confluence server attacker authentication bypass confluence confluence server control control access cve cve-2023-22518 dec exploit failure feature json list path restore restores server threshold today url urls

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

New Redline Version: Uses Lua Bytecode, Propagates Through GitHub 13 hours ago | malware.news
bytecode code detect found +12
Cybersecurity firm Darktrace sold to Thoma Bravo for $5.3 billion 1 day, 1 hour ago | malware.news
acquisition article cybersecurity darktrace +5
Arctic Wolf Recognized as a Leader in Frost & Sullivan Managed Detection and Response Report 1 day, 2 hours ago | malware.news
amp and response april arctic +20
CVE-2024-29204, CVE-2024-24996: Critical Vulnerabilities in Ivanti Avalanche 1 day, 2 hours ago | malware.news
april avalanche components critical +19
Showcasing Artwork by Max for Autism Awareness Month 1 day, 2 hours ago | malware.news
art article artwork autism +6
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381 1 day, 3 hours ago | malware.news
article cisco deepfakes flowmon +6
Kaiser Permanente notifies 13.4M patients of potential data exposure 1 day, 3 hours ago | malware.news
apps article data data exposure +16
Impact of organizational structure on ransomware outcomes: Where does your org fit in? 1 day, 3 hours ago | malware.news
article challenges core security detection +15
VA is warning veterans about Change Healthcare cyberattack, secretary says 1 day, 4 hours ago | malware.news
alerting article attack change +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Salesforce Solution Consultant

@ BeyondTrust | Remote United States
View on infosec-jobs.com

Divisional Deputy City Solicitor, Public Safety Compliance Counsel - Compliance and Legislation Unit

@ City of Philadelphia | Philadelphia, PA, United States
View on infosec-jobs.com

Security Engineer, IT IAM, EIS

@ Micron Technology | Hyderabad - Skyview, India
View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

Werkstudent Cybersecurity (m/w/d)

@ Brose Group | Bamberg, DE, 96052
View on infosec-jobs.com
View more jobs