virus logo Threat Signal Report

Atlassian Confluence Remote Code Execution

What is the Vulnerability?

On Jan 16, 2024, Atlassian released an advisory for a template injection vulnerability on Confluence Data Center and Server. That can allow an unauthenticated attacker to remotely execute malicious code on affected versions. This vulnerability is rated with a severity level of 10.0 (Critical).

What is the Vendor Solution?

Atlassian highly recommend applying the latest version available as listed on their advisory. CVE-2023-22527 - Atlassian Support | Atlassian Documentation

What FortiGuard Coverage is available?

FortiGuard Labs has an IPS signature "Atlassian.Confluence.CVE-2023-22527.Remote.Code.Execution" in place for CVE-2023-22527. The FortiGuard is seeing active exploitation attempts on this vulnerability.

Additional Resources

Atlassian (Advisory and Mitigation)


Released Date Feb 01, 2024
Tags Threat Signal Vulnerability
CVE ID

Experienced a Breach? We're here to help

FortiGuard Incident Response Services
FortiGuard Incident Response Services
About FortiGuard Threat Signal

Learn More »