MUST READ

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

 | 

Jaguar Land Rover discloses a data breach after recent cyberattack

 | 

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

 | 

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

 | 

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

 | 

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

 | 

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

Canadian investment platform Wealthsimple disclosed a data breach

 | 

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

 | 

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

 | 

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Qantas cuts executive bonuses by 15% after a July data breach

 | 

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

 | 

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

 | 

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

 | 

CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini January 25, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Atlassian Confluence Data Center and Server Template Injection bug, tracked as CVE-2023-22527, to its Known Exploited Vulnerabilities (KEV) catalog.

Atlassian recently warned of a critical remote code execution vulnerability, tracked as CVE-2023-22527 (CVSS score 10.0), in Confluence Data Center and Confluence Server that impacts older versions.

The vulnerability is a template injection vulnerability that can allow remote attackers to execute arbitrary code on vulnerable Confluence installs.

The flaw affects Confluence Data Center and Server versions 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, and 8.5.0 through 8.5.3. Most recent supported versions of Confluence Data Center and Server are not affected by this issue.

“A template injection vulnerability on out-of-date versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected version. Customers using an affected version must take immediate action.” reads the advisory published by the vendor. “This RCE (Remote Code Execution) vulnerability affects out-of-date Confluence Data Center and Server 8 versions released before Dec. 5, 2023 as well as 8.4.5 which no longer receives backported fixes in accordance with our Security Bug Fix Policy. Atlassian recommends patching to the latest version.”

The company addressed the vulnerability with the release of versions 8.5.4 (LTS), 8.6.0 (Data Center only), and 8.7.1 (Data Center only).

Atlassian recommends customers to install the latest version.

The security bulletin states that there is no known workarounds or mitigation to remediate this vulnerability.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix this vulnerability by February 14, 2024.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – Known Exploited Vulnerabilities catalog, Confluence Data Center)

CISA Hacking hacking news information security news IT Information Security Known Exploited Vulnerabilities Catalog Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini September 11, 2025
Kosovo man pleads guilty to running online criminal marketplace BlackDB
Read more
Pierluigi Paganini September 11, 2025
Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Kosovo man pleads guilty to running online criminal marketplace BlackDB

Breaking News / September 11, 2025

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

Malware / September 11, 2025

Jaguar Land Rover discloses a data breach after recent cyberattack

Data Breach / September 11, 2025

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Security / September 10, 2025

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

Security / September 10, 2025