LetsDefend Monitoring Alert

Atlassian Confluence Broken Access Control 0-Day CVE-2023-22515

Nov, 08, 2023, 09:47 AM

Event ID: 197

Event Time: Nov, 08, 2023, 09:47 AM

Rule Name: SOC235 - Atlassian Confluence Broken Access Control 0-Day CVE-2023-22515

Alert Type: Web Attack

MITRE Technique:
T1204 - Execution - User Execution
T1190 - Initial Access - Exploit Public-Facing Application
T1136 - Persistence - Create Account
T1068 - Privilege Escalation - Exploitation for Privilege Escalation
T1531 - Impact - Account Access Removal
T1140 - Defense Evasion - Deobfuscate/Decode Files or Information

Real World Example: CVE-2023-22515 affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious cyber threat actors to obtain initial access to Confluence instances by creating unauthorized

Severity: High

Security Analyst
