CVE Record
[ CRITICAL ] CVE-2023-22515

Atlassian Confluence Data Center and Server Broken Access Control

A broken-access-control vulnerability in Atlassian Confluence Data Center and Server allows a remote, unauthenticated attacker to create unauthorized Confluence administrator accounts and gain full access to affected instances.

Vendor: Atlassian
Product: Confluence Data Center and Server
CVSS: 10.0
Status: kev
Published:
CVE-2023-22515 is a maximum-severity broken-access-control vulnerability in Atlassian Confluence Data Center and Server. Exploitation lets a remote, unauthenticated attacker create new Confluence instance administrator accounts and access affected instances directly — no credentials required.

Atlassian disclosed the flaw on October 4, 2023, stating it had already observed active exploitation against a small number of customers prior to the public advisory. CISA added it to the Known Exploited Vulnerabilities catalog the same week, and Atlassian subsequently confirmed broader exploitation as proof-of-concept details circulated.

Why it mattered

Confluence is a default repository for internal documentation — credentials, architecture diagrams, incident runbooks, and other material attackers prize as a precursor to ransomware deployment or further lateral movement. A flaw that hands out admin accounts to anonymous attackers turns the wiki into a beachhead.

Atlassian’s security advisory and the NVD record for CVE-2023-22515 carry the patch guidance and affected version ranges. Cloud-hosted Confluence sites were not affected.