ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·10/5/2023
CVE-2023-22515 added to CISA KEV: Atlassian Confluence Data Center and Server
Status: ✅ Confirmed exploited in the wild
Date added: 2023-10-05
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Check all affected Confluence instances for evidence of compromise per vendor instructions and report any positive findings to CISA.
Due date: 2023-10-13
Why this matters
Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.