Atlassian Confluence Vulnerability: Maximum Threat Level Reached

TL;DR Summary
Atlassian has raised the severity rating of a recent vulnerability in its Confluence Data Center and Server, increasing the CVSS score to the maximum of 10. The vulnerability allows an attacker to reset Confluence and create an administrator account, granting them extensive control over compromised instances. Active exploitation of the vulnerability has been reported, with attacks leading to the attempted deployment of the Cerber ransomware strain. Atlassian advises all Confluence users to upgrade immediately or apply temporary mitigations. The increased severity rating now matches that of another major Confluence vulnerability disclosed earlier in October.
- Atlassian cranks up the threat meter to max for Confluence authorization flaw (The Register)
- Atlassian Confluence vulnerability under widespread attack (TechTarget)
- Atlassian Bug Escalated to 10, All Unpatched Instances Vulnerable (DARKReading)
- Atlassian confirms ransomware is exploiting latest Confluence bug (The Record from Recorded Future News)
- Actively exploited Atlassian Confluence bug elevated to maximum severity rating (SC Media)