Description
Due to an improper authorization control vulnerability in Confluence, an unauthenticated attacker can create an administrator account and get full access to the system.
Remediation
Upgrade to the latest version of Confluence.
References
Improper Authorization in Confluence Data Center and Server - CVE-2023-22518
Atlassian Confluence Server (CVE-2023-22518) - Improper Authorization
Related Vulnerabilities
XWiki Improper Authentication Vulnerability (CVE-2022-36093)
MySQL CVE-2018-2646 Vulnerability (CVE-2018-2646)
Apache Traffic Server Remote DOS Attack (CVE-2021-27737)
Ruby on Rails Data Processing Errors Vulnerability (CVE-2014-3916)
Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)