Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Action Required: Confluence Data Center and Server security advisory CVE-2023-22527

Take immediate action to protect your instance

We have discovered that Confluence Data Center and Server customers on out-of-date versions including 8.4.5 are vulnerable to a remote code execution (RCE) attack if exploited by an unauthenticated attacker. This vulnerability carries a CVSS score of 10, the highest critical rating, and you must take immediate action to protect your instance. Please review the Critical Security Advisory to verify affected versions and instructions.

NOTE: We urge ALL Confluence Data Center and Server customers to also review Atlassian’s January Security Bulletin and take timely action to protect your instances from those non-critical vulnerabilities. You can register for Security Bulletin alerts in the Tech Alerts section of the your email preferences.

Atlassian found these vulnerabilities during our continuous security assessments. Customer security is our top priority, and we believe that acting proactively is the best approach to protecting your data.

Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

If you have questions, please raise a support request via the instructions included in the advisory.

0 comments

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events