Skip to content

Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

Notifications You must be signed in to change notification settings

rxerium/CVE-2023-22515

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 

Repository files navigation

CVE-2023-22515

How does this detection method work?

This template looks at the following endpoints:

     - "{{BaseURL}}/dologin.action"
     - "{{BaseURL}}"
     - "{{BaseURL}}/pages"
     - "{{BaseURL}}/confluence"
     - "{{BaseURL}}/wiki"

From these endpoints it will extract the version, if the version matches any of the below versions it is considered vulnerable:

         - "8.0.0"
         - "8.0.1"
         - "8.0.2"
         - "8.0.3"
         - "8.0.4"
         - "8.1.0"
         - "8.1.1"
         - "8.1.3"
         - "8.1.4"
         - "8.2.0"
         - "8.2.1"
         - "8.2.2"
         - "8.2.3"
         - "8.3.0"
         - "8.3.1"
         - "8.3.2"
         - "8.4.0"
         - "8.4.1"
         - "8.4.2"
         - "8.5.0"
         - "8.5.1"

How do I run this template?

  1. Download Nuclei from here
  2. Copy the template to your local system
  3. Run the following command: nuclei -u https://yourHost.com -t CVE-2023-22515.yaml

Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

Contact

If you have any questions feel free to reach out to me on Signal or via email: [email protected].

About

Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

Topics

Resources

Stars

Watchers

Forks