CVE-2023-22518

Known Exploited Public Exploit

Description

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.  Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Category

9.8
CVSS
Severity: Critical
CVSS 3.1 •
CVSS 3.0 •
EPSS 94.38% Top 5%
KEV Since 
Vendor Advisory atlassian.com Vendor Advisory atlassian.com
Affected: Atlassian Confluence Data Center
Affected: Atlassian Confluence Server
Published at:
Updated at:

References

Link Tags
https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907 vendor advisory mitigation issue tracking
https://jira.atlassian.com/browse/CONFSERVER-93142 vendor advisory mitigation issue tracking
http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html third party advisory vdb entry exploit

Frequently Asked Questions

What is the severity of CVE-2023-22518?
CVE-2023-22518 has been scored as a critical severity vulnerability.
How to fix CVE-2023-22518?
To fix CVE-2023-22518, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-22518 being actively exploited in the wild?
It is confirmed that CVE-2023-22518 is actively exploited. Be extra cautious if you are using vulnerable components. According to its EPSS score, there is a ~94% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-22518?
CVE-2023-22518 affects Atlassian Confluence Data Center, Atlassian Confluence Server.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.