COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Confluence Data Center and Server product

3
failure events
0
zero-days
1
RCEs
3
on KEV
3
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2024-01-24 CVE-2023-22527 critical ⚡RCE ⌖KEV 95 Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.
2023-11-07 CVE-2023-22518 critical ⌖KEV 80 Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker. There is no impact on confidentiality since the attacker cannot exfiltrate any data.
2023-10-05 CVE-2023-22515 critical ⌖KEV 80 Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.