LetsDefend Monitoring Alert
Atlassian Confluence Broken Access Control 0-Day CVE-2023-22515
Nov, 09, 2023, 09:47 AM
Event ID: 197
Event Time: Nov, 09, 2023, 09:47 AM
Rule Name: SOC235 - Atlassian Confluence Broken Access Control 0-Day CVE-2023-22515
Alert Type: Web Attack
MITRE Technique:
T1204 - Execution - User Execution,
T1190 - Initial Access - Exploit Public-Facing Application,
T1136 - Persistence - Create Account,
T1068 - Privilege Escalation - Exploitation for Privilege Escalation,
T1531 - Impact - Account Access Removal,
T1140 - Defense Evasion - Deobfuscate/Decode Files or Information,
Real World Example:⭐ CVE-2023-22515 affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious cyber threat actors to obtain initial access to Confluence instances by creating unauthorized
Severity: High
Security Analyst