All Cloudflare Customers Protected from Atlassian Confluence CVE-2023-22515

By admin

On 2023-10-04 at 13:00 UTC, Atlassian released details of the zero-day vulnerability described as “Privilege Escalation Vulnerability in Confluence Data Center and Server” (CVE-2023-22515), a zero-day vulnerability impacting Confluence Server and Data Center products.


Cloudflare was warned about the vulnerability before the advisory was published and worked with Atlassian to proactively apply protective WAF rules for all customers. All Cloudflare customers, including Free, received the protection enabled by default. On 2023-10-03 at 14:00 UTC, the Cloudflare WAF team released the following managed rules to protect against the first variant of the vulnerability observed in real traffic.

| Rule ID | Description | Default Action |
| --- | --- | --- |
| New Managed Rules …ec9f34e1 | Atlassian Confluence – Privilege Escalation – CVE:CVE-2023-22515 | Block |
| Legacy Managed Rules 100604 and 100605 | Atlassian Confluence – Privilege Escalation – CVE:CVE-2023-22515 | Block |
| Free Managed Rule …91935fcb | Atlassian Confluence – Privilege Escalation – CVE:CVE-2023-22515 | Block |

When CVE-2023-22515 is exploited, an attacker could access public Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts to access the instance. According to the advisory, the vulnerability is assessed by Atlassian as critical. At the time of writing, a CVSS score is not yet known. More information can be found in the security advisory, including what versions of Confluence Server are affected.