module
Atlassian Confluence Unauth JSON setup-restore Improper Authorization leading to RCE (CVE-2023-22518)
| Disclosed | Created |
|---|---|
| 2023-10-31 | 2023-12-18 |
Disclosed
2023-10-31
Created
2023-12-18
Description
This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a
Confluence instance administrator account. Using this account, an attacker can then perform all
administrative actions that are available to Confluence instance administrator. This module uses the
administrator account to install a malicious .jsp servlet plugin which the user can trigger to gain code
execution on the target in the context of the of the user running the confluence server.
Confluence instance administrator account. Using this account, an attacker can then perform all
administrative actions that are available to Confluence instance administrator. This module uses the
administrator account to install a malicious .jsp servlet plugin which the user can trigger to gain code
execution on the target in the context of the of the user running the confluence server.
Authors
Atlassian
jheysel-r7
jheysel-r7
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.