支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2023-22515 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

漏洞
N/A
来源: 美国国家漏洞数据库 NVD
漏洞信息
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
来源: 美国国家漏洞数据库 NVD
漏洞信息
N/A
来源: 美国国家漏洞数据库 NVD
漏洞
N/A
来源: 美国国家漏洞数据库 NVD
漏洞
Atlassian Confluence Server 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
漏洞信息
Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能,并支持用于构建企业WiKi的协同软件的服务器版本。 Atlassian Confluence Server存在安全漏洞,该漏洞源于外部攻击者可能利用可公开访问的Confluence Data Center和Confluence Serve,用未知的漏洞来创建Confluence 管理员帐户并访问 Confluence 实例。
来源: 中国国家信息安全漏洞库 CNNVD
漏洞信息
N/A
来源: 中国国家信息安全漏洞库 CNNVD
漏洞
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
AtlassianConfluence Data Center < 8.0.0 -
AtlassianConfluence Server < 8.0.0 -
二、漏洞 CVE-2023-22515 的公开POC
#POC 描述源链接神龙链接
1Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluencehttps://github.com/ErikWynter/CVE-2023-22515-ScanPOC详情
2Poc for CVE-2023-22515https://github.com/j3seer/CVE-2023-22515-POCPOC详情
3CVE-2023-22515: Confluence Broken Access Control Exploithttps://github.com/Chocapikk/CVE-2023-22515POC详情
4Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具https://github.com/ad-calcium/CVE-2023-22515POC详情
5CVE-2023-22515 - Broken Access Control Vulnerability in Confluence Data Center and Serverhttps://github.com/kh4sh3i/CVE-2023-22515POC详情
6Confluence未授权添加管理员用户漏洞利用脚本https://github.com/sincere9/CVE-2023-22515POC详情
7Confluence Data Center & Server 权限提升漏洞 Exploithttps://github.com/Le1a/CVE-2023-22515POC详情
8Confluence Broken Access Controlhttps://github.com/Vulnmachines/confluence-cve-2023-22515POC详情
9iveresk-CVE-2023-22515https://github.com/iveresk/CVE-2023-22515POC详情
10Confluence后台rcehttps://github.com/youcannotseemeagain/CVE-2023-22515_RCEPOC详情
11cve-2023-22515的python利用脚本https://github.com/DsaHen/cve-2023-22515-expPOC详情
12CVE-2023-22515 (Confluence Broken Access Control Exploit)https://github.com/joaoviictorti/CVE-2023-22515POC详情
13CVE-2023-22515https://github.com/C1ph3rX13/CVE-2023-22515POC详情
14CVE-2023-22515https://github.com/AIex-3/confluence-hackPOC详情
15Server Broken Access Control in Confluence - CVE-2023-22515https://github.com/LucasPDiniz/CVE-2023-22515POC详情
16配合 CVE-2023-22515 后台上传jar包实现RCEhttps://github.com/aaaademo/Confluence-EvilJarPOC详情
17Nonehttps://github.com/edsonjt81/CVE-2023-22515-Scan.POC详情
18Confluence broken access control to code executionhttps://github.com/INTfinityConsulting/cve-2023-22515POC详情
19A simple exploit for CVE-2023-22515https://github.com/CalegariMindSec/Exploit-CVE-2023-22515POC详情
20Atlassian Confluence Data Center and Server Broken Access Control Vulnerabilityhttps://github.com/rxerium/CVE-2023-22515POC详情
21NSE script for checking the presence of CVE-2023-22515https://github.com/fyx1t/NSE--CVE-2023-22515POC详情
22This script will inform the user if the Confluence instance is vulnerable, but it will not proceed with the exploitation steps.https://github.com/s1d6point7bugcrowd/CVE-2023-22515-checkPOC详情
23NSE script to check if app is vulnerable to cve-2023-22515https://github.com/xorbbo/cve-2023-22515POC详情
24Vulnerability checking tool via Nmap Scripting Enginehttps://github.com/spareack/CVE-2023-22515-NSEPOC详情
25CVE 2023-22515https://github.com/Onedy1703/CVE-2023-22515POC详情
26CVE 2023-22515https://github.com/Onedy1703/CVE-2023-22515-ConfluencePOC详情
27Nonehttps://github.com/vivigotnotime/CVE-2023-22515-Exploit-ScriptPOC详情
28Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-22515.yamlPOC详情
29Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20server-info.action%20%E5%B1%9E%E6%80%A7%E8%A6%86%E7%9B%96%E5%AF%BC%E8%87%B4%E6%9D%83%E9%99%90%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E%20CVE-2023-22515.mdPOC详情
30https://github.com/vulhub/vulhub/blob/master/confluence/CVE-2023-22515/README.mdPOC详情
31CVE-2023-22515 (Confluence Broken Access Control Exploit)https://github.com/killvxk/CVE-2023-22515-joaoviictortiPOC详情
32Confluence未授权添加管理员用户漏洞利用脚本https://github.com/K4ptor/CVE-2023-22515POC详情
33I was presented with a high-severity alert indicating a potential exploit attempt of CVE-2023-22515, a zero-day vulnerability in Atlassian Confluence. The alert showed a suspicious GET request from an external IP targeting the Confluence server, suggesting an attempt to gain unauthorised admin access.https://github.com/Arkha-Corvus/LetsDefend-SOC235-Atlassian-Confluence-Broken-Access-Control-0-Day-CVE-2023-22515-EventID-197POC详情
34Hands-on security lab demonstrating CVE-2023-22515 — Atlassian Confluence Authentication Bypass using a simulated vulnerable environment.https://github.com/CyberSentinel321/cve-2023-22515-labPOC详情
35Confluence CVE-2023-22515 - Create admin accounthttps://github.com/radzek15/CVE-2023-22515POC详情
36Nonehttps://github.com/tranphuc2005/CVE-2023-22515POC详情
37Nonehttps://github.com/dkq-k/CVE-2023-22515POC详情
38Nonehttps://github.com/dkq-k/cve-2023-22515-1POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2023-22515 的情报信息
登录 三、漏洞 %(cve_id)s 的情报信息
新漏洞
产品: Confluence Data Center
厂商: Atlassian
四、漏洞 CVE-2023-22515 的评论

暂无评论

发表评论