CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog

CISA (Cybersecurity and Infrastructure Security Agency) has added the Atlassian Confluence Data Center and Server Template Injection vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

Atlassian recently issued a warning about a critical remote code execution vulnerability, tracked as CVE-2023-22527 (CVSS score of 10.0), affecting older versions of Confluence Data Center and Confluence Server.

This vulnerability is a template injection flaw that allows remote attackers to execute arbitrary code on vulnerable Confluence installations.

The vulnerability affects Confluence Data Center and Server versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0 to 8.5.3. The latest supported versions of Confluence Data Center and Server are not affected.

According to the manufacturer’s announcement, “The template injection vulnerability in outdated versions of Confluence Data Center and Server allows an unauthenticated attacker to execute code remotely in the affected version. Customers using the affected version must take immediate action.”

The announcement continues: “This remote code execution (RCE) vulnerability affects outdated Confluence Data Center and Server 8 versions released before December 5, 2023, and 8.4.5, which no longer receives backward-compatible security bug fixes according to our security bug fix policy. Atlassian recommends updating to the latest version.”

The company has fixed the vulnerability with versions 8.5.4 (LTS), 8.6.0 (Data Center only), and 8.7.1 (Data Center only).
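To turn the affected and fixed version lists above into something an asset inventory can act on, here is an added example (not code from the article or from Atlassian) that classifies a Confluence Data Center/Server version string against exactly the ranges stated here; the `sweep` helper and the sample hostnames are constructed for illustration.

```python
# Added example, not from the article or Atlassian: classify a Confluence
# Data Center/Server version string against the affected and fixed versions
# the article lists for CVE-2023-22527, for a quick inventory sweep.
import re
from typing import Dict, Tuple

# Affected as the article states: 8.0.x through 8.4.x, and 8.5.0 to 8.5.3.
AFFECTED_MINOR_LINES = {0, 1, 2, 3, 4}   # any 8.<minor>.x with minor in this set
AFFECTED_85_PATCH_MAX = 3                 # 8.5.0 .. 8.5.3
# Fixed releases named in the article: 8.5.4 (LTS), 8.6.0, 8.7.1.
FIXED_VERSIONS = {(8, 5, 4), (8, 6, 0), (8, 7, 1)}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'major.minor[.patch]' into a tuple of ints (patch defaults to 0)."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or "0")


def assess(version: str) -> str:
    """Return 'affected', 'fixed' or 'not listed' for CVE-2023-22527 per the article."""
    major, minor, patch = parse_version(version)
    if major == 8 and minor in AFFECTED_MINOR_LINES:
        return "affected"                 # covers e.g. 8.4.5 from the vendor quote
    if major == 8 and minor == 5 and patch <= AFFECTED_85_PATCH_MAX:
        return "affected"
    # A named fix release, or a later patch on the same minor line, is fixed.
    for fmaj, fmin, fpat in FIXED_VERSIONS:
        if (major, minor) == (fmaj, fmin) and patch >= fpat:
            return "fixed"
    # Assumption: minor lines newer than 8.7 shipped after the fixes; the
    # article says the latest supported versions are not affected.
    if (major, minor) > (8, 7):
        return "fixed"
    # Anything else (e.g. 7.x, or 8.7.0) is not listed either way here.
    return "not listed"


def sweep(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host in {host: version_string} to its assessment."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames are placeholders, not real systems.
    sample = {"wiki-a": "8.5.3", "wiki-b": "8.5.4", "wiki-c": "8.4.5", "wiki-d": "8.7.0"}
    for host, verdict in sweep(sample).items():
        print(f"{host}: {verdict}")
```

Any host reported as "affected" should be upgraded to one of the fixed releases, since the article notes there are no workarounds; "not listed" means the article's ranges do not cover that version and the vendor advisory should be consulted.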

Atlassian recommends that customers install the latest version.

The security advisory states that there are no known workarounds or mitigations to fix this vulnerability.

According to Binding Operational Directive (BOD) 22-01: Mitigating Known Exploited Vulnerabilities, federal departments and agencies must address identified vulnerabilities within a specified timeframe to protect their networks from exploitation.

Experts also advise private organizations to review the catalog and address vulnerabilities in their infrastructure.

CISA directs government agencies to remediate this vulnerability by February 14, 2024.

FAQ:

1. What security flaw does the article address concerning Atlassian?

The article addresses the template injection vulnerability in Atlassian Confluence Data Center and Confluence Server.

2. What vulnerability was discovered in Atlassian Confluence?

A critical remote code execution vulnerability, identified as CVE-2023-22527 (CVSS score of 10.0), was discovered in outdated versions of Confluence Data Center and Confluence Server.

3. How can this vulnerability be exploited?

Template injection allows remote attackers to execute arbitrary code on vulnerable Confluence installations.

4. Which versions of Confluence are vulnerable?

Versions of Confluence Data Center and Server from 8.0.x to 8.5.3 are vulnerable. The latest supported versions are not affected.

5. Has the manufacturer released patches for this vulnerability?

Yes, the manufacturer has released patches for this vulnerability in versions 8.5.4 (LTS), 8.6.0 (Data Center only), and 8.7.1 (Data Center only). Customers are advised to install the latest version.

6. Is there a workaround or mitigation for this vulnerability?

According to the manufacturer’s information, there are no known workarounds or mitigations to fix this vulnerability.

7. What is the deadline for government agencies to fix this vulnerability?

CISA directs government agencies to remediate this vulnerability by February 14, 2024.

Key Definitions:

– Atlassian Confluence: A platform for knowledge management and collaboration within organizations.
– Template Injection Vulnerability: A security flaw in which attacker-controlled input is evaluated as part of an application’s template, so that injected expressions or code run on the server.
– CVE-2023-22527: The CVE identifier assigned to this specific vulnerability.
– CVSS: A scale that assesses the severity of vulnerabilities (0-10, with 10 indicating the highest threat level).
– Data Center: Atlassian Confluence version designed for large companies and organizations.
– Server: Atlassian Confluence version designed for individual servers.

Recommended Related Links:

– Atlassian Homepage
– Confluence Product Page

Source: the blog xn--campiahoy-p6a.es