Attackers Exploiting Atlassian Confluence Data Center and Server Vulnerability (CVE-2023-22527)

This is a follow-up to our previous community post for a critical template injection vulnerability in Atlassian Confluence Data Center and Server that was disclosed on January 16:

• CVE-2023-22527 

According to several sources, in-the-wild exploitation of this flaw has been observed. This includes exploit scans that seek to test if exploitation is feasible and attempts to implant malicious software, such as cryptocurrency miners (or coin miners) as well.

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.