Back to KEVs

CVE-2023-22518

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows...

Basic Information

CVE State
PUBLISHED
Reserved Date
January 01, 2023
Published Date
October 31, 2023
Last Updated
February 13, 2025
Vendor
Atlassian
Product
Confluence Data Center, Confluence Server
Description
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.  Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

CVSS Scores

CVSS v3.0

10.0 - CRITICAL

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC Information

Exploitation
active
Automatable
Yes
Technical Impact
partial

Exploit Status

Exploited in the Wild
Yes (added 2023-11-07 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2024-01-23 13:38:40 UTC) Source
Used in Malware
Yes (added 2023-11-07 00:00:00 UTC) Source

References

https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907 https://jira.atlassian.com/browse/CONFSERVER-93142 http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2023-11-07 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/atlassian_confluence_unauth_backup.rb 2025-04-29 11:01:20 UTC
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-22518.yaml 2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

atlassian_confluence_unauth_backup

Type: metasploit • Created: Unknown

Metasploit module for CVE-2023-22518

bibo318/CVE-2023-22518

Type: github • Created: 2024-01-23 13:38:40 UTC • Stars: 1

Lỗ hổng ủy quyền không phù hợp trong Trung tâm dữ liệu Confluence và Máy chủ + bugsBonus 🔥

0x0d3ad/CVE-2023-22518

Type: github • Created: 2023-11-09 06:56:18 UTC • Stars: 5

Exploit CVE-2023-22518

RevoltSecurities/CVE-2023-22518

Type: github • Created: 2023-11-05 06:45:33 UTC • Stars: 43

An Exploitation tool to exploit the confluence server that are vulnerable to CVE-2023-22518 Improper Authorization

davidfortytwo/CVE-2023-22518

Type: github • Created: 2023-11-02 22:52:15 UTC • Stars: 8

Checker for CVE-2023-22518 vulnerability on Confluence

ForceFledgling/CVE-2023-22518

Type: github • Created: 2023-10-31 05:35:00 UTC • Stars: 56

Improper Authorization Vulnerability in Confluence Data Center and Server