Atlassian warned admins that a public exploit is now available for a critical Confluence security flaw that can be used in data destruction attacks targeting Internet-exposed and unpatched instances.
Tracked as CVE-2023-22518, this is an improper authorization vulnerability with a 9.1/10 severity rating affecting all versions of Confluence Data Center and Confluence Server software.
Atlassian warned in an update to the original advisory that it found a publicly available exploit that puts publicly accessible instances at critical risk.
"As part of Atlassian's ongoing monitoring of this CVE, we observed publicly posted critical information about the vulnerability which increases risk of exploitation," the company said.
"There are still no reports of an active exploit, though customers must take immediate action to protect their instances. If you already applied the patch, no further action is required."
While attackers can exploit the vulnerability to wipe data on impacted servers, it cannot be used to steal data stored on vulnerable instances. It's also important to mention that Atlassian Cloud sites accessed through an atlassian.net domain are unaffected, according to Atlassian.
Today's warning follows another one
issued by Atlassian's Chief Information Security Officer (CISO) Bala Sathiamurthy when the vulnerability was patched on Tuesday.
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}