What is the Attack?
The vulnerability attack is targeting an authentication bypass flaw in Atlassian Confluence Server and Confluence Data Center. The vulnerability is due to insufficient validation of user-supplied inputs. A successful exploitation may create an administrator account on the vulnerable server.
What is the Vendor Solution?
Atlassian released firmware updates to the affected products. For more information, click here.
What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature “Atlassian.Confluence.Unauthorized.Admin.Account.Creation” to detect and block any attack targeting CVE-2023-22515.
FortiGuard Labs also advises to install the latest available patch for the affected products from the vendor as soon as possible.