InformationWeek is part of the Informa TechTarget Division of Informa PLC

Informa PLC|ABOUT US|INVESTOR RELATIONS|TALENT

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Reports Online Events Advertise About

Newsletter Sign-Up

Leadership

Recent in Leadership

See All Leadership

Computer code image over business people collaborating in modern office

Machine Learning & AI

How to Find and Train Internal AI Talent How to Find and Train Internal AI Talent

byJohn Edwards

Dec 11, 2024

5 Min Read

lightbulb illustrated in water colors

IT Leadership

How to Channel a ‘World’s Fair’ Culture to Engage IT Talent How to Channel a ‘World’s Fair’ Culture to Engage IT Talent

byChris O’Neill

Dec 11, 2024

4 Min Read

Resilience

Recent in Resilience

See All Resilience

Pest insect termite theme

Cyber Resilience

What Do We Know About the New Ransomware Gang Termite?What Do We Know About the New Ransomware Gang Termite?

byCarrie Pallardy

Dec 12, 2024

4 Min Read

hand shadow

Cyber Resilience

Finding Your Shadow: Can Shadow IT Be Controlled?Finding Your Shadow: Can Shadow IT Be Controlled?

byKashif Nazir

Dec 12, 2024

4 Min Read

ML & AI

Recent in ML & AI

See All ML & AI

Computer code image over business people collaborating in modern office

Machine Learning & AI

How to Find and Train Internal AI Talent How to Find and Train Internal AI Talent

byJohn Edwards

Dec 11, 2024

5 Min Read

Future Technology Concept. Woman works with digital screen in futuristic space. 3 D illustration.

IT Leadership

What Enterprise IT Predictions Actually Mattered in 2024?What Enterprise IT Predictions Actually Mattered in 2024?

byJoao-Pierre S. Ruth

Dec 9, 2024

Data

Recent in Data

See All Data Mgmt

thumbnail

Recent in Sustainability

See All Sustainability

green earth illustration

Sustainability

Uniting IT, Finance, and Sustainability Through the Integrated Profit and Loss Uniting IT, Finance, and Sustainability Through the Integrated Profit and Loss

byRick Pastore

Dec 13, 2024

4 Min Read

green earth illustration

Sustainability

Purpose Versus Profit: Should Tech Companies Have Both?Purpose Versus Profit: Should Tech Companies Have Both?

byMarco Pimentel

Dec 10, 2024

5 Min Read

Infrastructure

Recent in Infrastructure

See All Infrastructure

copper lines

IT Infrastructure

Are You Ready for the Attack of the Copper Thieves?Are You Ready for the Attack of the Copper Thieves?

byNetwork Computing

Dec 13, 2024

1 Min Read

Composite image of image of data center

IT Infrastructure

New Data Center Developments: December 2024 New Data Center Developments: December 2024

byData Center Knowledge

Dec 11, 2024

1 Min Read

Software

Recent in Software

See All Software

Retro Robot with application programming interface sign

Software & Services

What Developers Should Know About Embedded AI What Developers Should Know About Embedded AI

byLisa Morgan

Dec 12, 2024

9 Min Read

hand shadow

Cyber Resilience

Finding Your Shadow: Can Shadow IT Be Controlled?Finding Your Shadow: Can Shadow IT Be Controlled?

byKashif Nazir

Dec 12, 2024

4 Min Read

Newsletters
Reports/Research
Online Events
Live Events
Podcasts

White Papers
Advertise With Us
About Us
IT Sectors

InformationWeek Resource Library

Cyber Resilience
Cybersecurity
Incident Response

Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit

Patch now: The Atlassian security vulnerability appears to be a remotely exploitable privilege-escalation bug that cyberattackers could use to crack collaboration environments wide open.

Dark Reading, Staff & Contributors

October 6, 2023

1 Min Read

Andre Boukreev via Shutterstock

A critical privilege-escalation vulnerability in Atlassian Confluence Server and Confluence Data Center has been disclosed, with evidence of exploitation in the wild as a zero-day bug.

The flaw (CVE-2023-22515) affects on-premises instances of the platforms, in versions 8.0.0 and after.

"Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances," according to Atlassian's advisory on CVE-2023-22515, released late on Oct. 4.

Read the Full Article on Dark Reading

About the Author

Dark Reading

Staff & Contributors

Dark Reading: Connecting The Information Security Community

Long one of the most widely-read cybersecurity news sites on the Web, Dark Reading is also the most trusted online community for security professionals. Our community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals.

See more from Dark Reading

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

SIGN-UP

Editor's Choice

IT Leadership

SolarWinds CEO on Building Trust After Breach, Unifying IT and C-Suite, and GenAI Future

Nov 26, 2024

Tech war between China and the USA. Flag of USA and China on a microprocessor

Machine Learning & AI

The New Cold War: US Urged to Form ‘Manhattan Project’ for AGI

Nov 21, 2024

cloud computing background

IT Infrastructure

6 Cloud Trends to Watch in 2025

Nov 18, 2024

Young businessman working on a virtual screen of the future and sees the inscription: Now hiring

IT Leadership

Help Wanted: IT Hiring Trends in 2025

Nov 20, 2024

Calculator displaying the text "SALARY" on top of $100 bills.

IT Leadership

2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI

2024 InformationWeek US IT Salary Report

Jun 4, 2024

Webinars

The CIO’s Guide to IT Automation in 2025: Enabling Innovation & Efficiency
Feb 6, 2025

More Webinars

White Papers

Unlocking Generative AI's Potential: A Fast Track to Trusted Solutions
The Defender's Advantage for Critical Infrastructure and Operational Technology
The Defender's Advantage | A guide to activating cyber defense
IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment
Tools and Technologies for Managing Cyber Risk in 2024

More White Papers

Reports

2024 The State of Data Management, Privacy, and Governance
Dec 6, 2024
2024 InformationWeek US IT Salary Report
May 29, 2024
2022 State of ITOps and SecOps
Jun 21, 2022

More Reports

Copyright © 2024. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466.

Home|Cookie Policy|Privacy|Terms of Use

Related Topics

Recent in Leadership

Related Topics

Recent in Resilience

Related Topics

Recent in ML & AI

Related Topics

Recent in Data

Related Topics

Recent in Sustainability

Related Topics

Recent in Infrastructure

Related Topics

Recent in Software

Related Topics

Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit

About the Author

Editor's Choice

Related Topics

Recent in Leadership

Related Topics

Recent in Resilience

Related Topics

Recent in ML & AI

Related Topics

Recent in Data

Related Topics

Recent in Sustainability

Related Topics

Recent in Infrastructure

Related Topics

Recent in Software

Related Topics

<span class="ArticleBase-LargeTitle">Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit</span>Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit

About the Author

Editor's Choice

Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit