Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability
11-Oct-23
Microsoft has linked the exploitation of a recently reported critical issue in Atlassian Confluence Data Center and Server to Storm-0062 (aka DarkShadow or Oro0lxy), a nation-state actor.
“CVE-2023-22515 is a critical privilege escalation vulnerability in Atlassian Confluence Data Center and Server,” the company said in a series of tweets.x000D CVE-2023-22515 allows any device with a network connection to a susceptible application to establish a Confluence administrator account within the program.
