Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This critical vulnerability affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator accounts.
CISA strongly encourages upgrading to a fixed version or taking servers offline to apply necessary updates. For upgrade instructions, a complete list of affected product versions, and indicators of compromise, see Atlassian’s security advisory.