1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Atlassian Confluence Data Center and Server Template Injection Vulnerability

Known Exploited Vulnerabilities CVE-2023-22527 Mappings

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-22527 Atlassian Confluence Data Center and Server Template Injection Vulnerability primary_impact T1496 Resource Hijacking
Comments
CVE-2023-22527 is a template injection vulnerability that allows an unauthenticated adversary to achieve remote code execution. Adversaries have been observed exploiting this vulnerability for cryptomining purposes.
References
  1. https://www.trendmicro.com/en_us/research/24/h/cve-2023-22527-cryptomining.html
CVE-2023-22527 Atlassian Confluence Data Center and Server Template Injection Vulnerability exploitation_technique T1221 Template Injection
Comments
CVE-2023-22527 is a template injection vulnerability that allows an unauthenticated adversary to achieve remote code execution. Adversaries have been observed exploiting this vulnerability for cryptomining purposes.
References
  1. https://www.trendmicro.com/en_us/research/24/h/cve-2023-22527-cryptomining.html