Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a joint Cybersecurity Advisory (CSA) due to the active exploitation of CVE-2023-22515. This vulnerability affects certain Atlassian Confluence Data Center and Server versions, allowing malicious actors to create unauthorized administrator accounts. It’s rated critical by Atlassian, and CISA, FBI, and MS-ISAC expect widespread, ongoing exploitation. They recommend immediate software updates and network monitoring for potential compromises, with incident response measures if necessary.