{"uuid": "2647e665-e577-484d-b798-6629db5d227c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22518", "type": "exploited", "source": "https://t.me/tech_b0lt_Genona/4091", "content": "So the other day, SUDDENLY11!!11, a scary hole was found in Confluence authorization, so bad that it was rated 10/10. They can delete all the data, or they can drop in ransomware.\n\nAs part of Atlassian's ongoing monitoring and investigation of this CVE, we observed several active exploits and reports of threat actors using ransomware. We have escalated CVE-2023-22518 from CVSS 9.1 to 10, the highest critical rating, due to the change in the scope of the attack. \n. . .\nAll versions of Confluence Data Center and Server are affected by this vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to a full loss of confidentiality, integrity and availability. 
\nhttps://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html\n\nThe GH link has a Python script that lets you check how your installation is doing\nhttps://github.com/ForceFledgling/CVE-2023-22518", "creation_timestamp": "2023-11-07T17:43:36.000000Z"}