一、 漏洞 CVE-2023-22527 基础信息
漏洞标题
N/A
来源:AIGC 神龙大模型
漏洞描述信息
摘要: 在 Confluence 数据中心和服务器的旧版本中存在模板注入漏洞,未经过身份验证的攻击者可以在受影响的实例上实现 RCE。使用受影响版本的客户必须立即采取行动。 大多数最近支持的 Confluence 数据中心和服务器版本不受此漏洞的影响,因为最终在常规版本更新中得到了缓解。然而,Atlassian 建议客户注意安装最新版本,以保护其实例免受 Atlassian 一月安全公告中概述的非关键漏洞的影响。 请参阅“您需要做什么”以获取详细说明。 {面板:背景颜色=#deebff} Atlassian Cloud 站点不受此漏洞影响。如果您的 Confluence 站点通过 atlassian.net 域访问,则它由 Atlassian 提供,因此不受此问题的影响。 {面板} 受影响的版本 ||产品||受影响版本|| |Confluence 数据中心和服务器| 8.0.x 8.1.x 8.2.x 8.3.x 8.4.x 8.5.0 8.5.1 8.5.2 8.5.3|| 固定版本 ||产品||固定版本|| |Confluence 数据中心和服务器|8.5.4(LTS)|| |Confluence 数据中心| 8.6.0 或更高版本(数据中心专用) 8.7.1 或更高版本(数据中心专用)|| 您需要做什么 立即修补到固定版本 Atlassian 建议您修复每个受影响的安装到最新版本。列出的固定版本不再是最新版本,也无法保护您的实例免受 Atlassian 一月安全公告中概述的其他非关键漏洞的影响。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:AIGC 神龙大模型
漏洞类别
对生成代码的控制不恰当(代码注入)
来源:AIGC 神龙大模型
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Atlassian Confluence 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Atlassian Confluence是澳大利亚Atlassian公司的一套专业的企业知识管理与协同软件,也可以用于构建企业WiKi。 Atlassian Confluence Data Center and Server存在安全漏洞,该漏洞源于存在模板注入漏洞,允许未经身份验证的攻击者在受影响的实例上实现远程代码执行。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2023-22527 的公开POC
# POC 描述 源链接 神龙链接
1 CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC https://github.com/Avento/CVE-2023-22527_Confluence_RCE POC详情
2 None https://github.com/Sudistark/patch-diff-CVE-2023-22527 POC详情
3 CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC https://github.com/ga0we1/CVE-2023-22527_Confluence_RCE POC详情
4 None https://github.com/Drun1baby/CVE-2023-22527 POC详情
5 A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. https://github.com/cleverg0d/CVE-2023-22527 POC详情
6 A critical severity Remote Code Execution (RCE) vulnerability (CVE-2023-22527) was discovered in Confluence Server and Data Center. https://github.com/Manh130902/CVE-2023-22527-POC POC详情
7 [Confluence] CVE-2023-22527 realworld poc https://github.com/VNCERT-CC/CVE-2023-22527-confluence POC详情
8 This repository presents a proof-of-concept of CVE-2023-22527 https://github.com/Vozec/CVE-2023-22527 POC详情
9 Atlassian Confluence - Remote Code Execution (CVE-2023-22527) https://github.com/C1ph3rX13/CVE-2023-22527 POC详情
10 POC https://github.com/Niuwoo/CVE-2023-22527 POC详情
11 Atlassian Confluence - Remote Code Execution https://github.com/Chocapikk/CVE-2023-22527 POC详情
12 An Exploitation tool to exploit the confluence server that are vulnerable to CVE-2023-22527 leads to RCE https://github.com/sanjai-AK47/CVE-2023-22527 POC详情
13 Exploit for CVE-2023-22527 - Atlassian Confluence https://github.com/yoryio/CVE-2023-22527 POC详情
14 None https://github.com/thanhlam-attt/CVE-2023-22527 POC详情
15 CVE-2023-22527 https://github.com/Privia-Security/CVE-2023-22527 POC详情
16 Atlassian Confluence Remote Code Execution(RCE) Proof Of Concept https://github.com/MaanVader/CVE-2023-22527-POC POC详情
17 CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC https://github.com/adminlove520/CVE-2023-22527 POC详情
18 CVE-2023-22527 Batch scanning https://github.com/YongYe-Security/CVE-2023-22527 POC详情
19 CVE-2023-22527 内存马注入工具 https://github.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL POC详情
20 confluence CVE-2023-22527 漏洞利用工具,支持冰蝎/哥斯拉内存马注入,支持设置 http 代理 https://github.com/M0untainShley/CVE-2023-22527-MEMSHELL POC详情
21 Three go-exploits exploiting CVE-2023-22527 to execute arbitrary code in memory https://github.com/vulncheck-oss/cve-2023-22527 POC详情
22 An Exploitation tool to exploit the confluence server that are vulnerable to CVE-2023-22527 leads to RCE https://github.com/RevoltSecurities/CVE-2023-22527 POC详情
23 PoC for the NAPLISTENER exploit: https://nvd.nist.gov/vuln/detail/CVE-2023-22527 (Purpose: To practice automating exploits) https://github.com/ttate10/CVE-2023-22527 POC详情
24 CVE-2023-22527 | RCE using SSTI in Confluence https://github.com/kh4sh3i/CVE-2023-22527 POC详情
25 script for exploiting CVE-2023-22527, which is described as a Server-Side Template Injection (SSTI) vulnerability in Atlassian Confluence https://github.com/AxthonyV/CVE-2023-22527 POC详情
26 A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-22527.yaml POC详情
27 None https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20OGNL%E8%A1%A8%E8%BE%BE%E5%BC%8F%E6%B3%A8%E5%85%A5%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2023-22527.md POC详情
28 https://github.com/vulhub/vulhub/blob/master/confluence/CVE-2023-22527/README.md POC详情
三、漏洞 CVE-2023-22527 的情报信息