{"uuid": "ce58fd09-c656-45e2-8987-a538c30b1bea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22527", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/74", "content": "(Remote Code Execution) Vulnerability In #Confluence Data Center and Confluence Server with #CVSS v3: 10/10\n\nSeverity: \nAtlassian rates the severity level of this vulnerability as critical (10.0 with the following vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) per our internal assessment.\nThis is our assessment, and you should evaluate its applicability to your own IT environment.\n\nAffected Versions:\nThis RCE (Remote Code Execution) vulnerability affects out-of-date Confluence Data Center and Server 8 versions released before Dec. 5, 2023 as well as 8.4.5 which no longer receives backported fixes in accordance with our Security Bug Fix Policy. Atlassian recommends patching to the latest version.\n\nNote: 7.19.x LTS versions are not affected by this vulnerability\n\nProduct\nConfluence Data Center and Server\n\nAffected Versions\n8.0.x\n8.1.x\n8.2.x\n8.3.x\n8.4.x\n8.5.0-8.5.3\n\nhttps://www.opencve.io/cve/CVE-2023-22527\n\nhttps://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html\n\nPoC: https://github.com/Avento/CVE-2023-22527_Confluence_RCE", "creation_timestamp": "2024-01-17T13:27:43.000000Z"}