Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)

Atlassian has fixed a critical zero-day vulnerability in Confluence Data Center and Server that is being exploited in the wild.

“Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances,” the company said.

Atlassian describes CVE-2023-22515 as a critical privilege escalation vulnerability, and has confirmed that it affects Confluence Data Center and Server versions 8.0.0 and later.

“Instances on the public internet are particularly at risk, as this vulnerability is exploitable anonymously. If your Confluence site is accessed via an domain, it is hosted by Atlassian and is not vulnerable to this issue,” the company stated.

“Atlassian’s advisory implies that the vulnerability is remotely exploitable, which is typically more consistent with an authentication bypass or remote code execution chain than a privilege escalation issue by itself. It’s possible that the vulnerability could allow a regular user account to elevate to admin – notably, Confluence allows for new user sign-ups with no approval, but this feature is disabled by default,” she noted.

Among them is CVE-2021-26084 in Atlassian Confluence Server, which has been patched two years ago but is still being exploited by attackers.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

Tell us About your Needs
Get an Answer the Same Business Day

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

What happens next:

A Vumetric expert will contact you to learn more about your cybersecurity needs and goals.

The project's scope will be defined (Target environment, deadlines, requirements, etc.)

A detailed quote including all-inclusive pricing and statement of work is sent to you.

This field is for validation purposes and should be left unchanged.


Everything You Need to Know

Gain confidence in your future cybersecurity assessments by learning to effectively plan, scope and execute projects.


Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g:,, etc.)

This site is registered on as a development site. Switch to a production site key to remove this banner.