CVE-2023-22518 and How to recover data

hanlin2531
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
November 15, 2023

I am under attack by CVE-2023-22518, symptoms:

1. The database is cleared

2. Data directories and files exist but are not backed up

Can I still recover my data? No backup

1 answer

0 votes
BHUSHAN PATIL
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 23, 2023

Hi Hanlin2531,


Experiencing an attack involving data clearing due to CVE-2023-22518 can be extremely challenging, especially without a backup. However, there might still be some possibilities for data recovery:

Database Recovery Options:

Check if any database backups exist separately from the Confluence system. If there are backups, they might contain the data that was cleared.
Investigate recovery options within the database system itself. Sometimes, deleted data can be recoverable using specialized recovery tools or techniques. However, this process can be complex and might require expertise.

File System Analysis:

Even though the data directories and files exist but are not backed up, it's possible that some data remnants might still be present on the file system. Forensic analysis or specialized recovery tools might potentially retrieve some of the lost data.

Confluence XML Backup:

If there's a possibility that Confluence's XML backup feature was enabled before the attack, there might be a chance to recover some content. However, this depends on the timing and existence of such backups.

Immediate Steps:

  • Stop Usage: Cease using the affected system immediately to prevent further data loss or overwriting of existing data remnants.
  • Seek Expert Help: Engage cybersecurity experts or professional data recovery services with expertise in such situations. They might have specialized tools and methodologies to recover lost data or provide guidance.

Remember, without backups, data recovery can be exceedingly challenging. It's crucial to have robust backup and disaster recovery strategies in place to mitigate the impact of such incidents in the future.

Regards,
Bhushan

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events