LetsDefend SA Event ID: 197, SOC235 — Atlassian Confluence Broken Access Control 0-Day…
Tags
| attack-pattern: | Data Confluence - T1213.001 Exploitation For Initial Access - T1664 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Whois - T1596.002 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | 5f7b3bbc-37d5-4c1f-b2b6-d8cc9e21c053 |
| Fingerprint | bffdf195dea73989 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 28, 2024, 9:10 p.m. |
| Added to db | Sept. 28, 2024, 11:20 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | LetsDefend SA Event ID: 197, SOC235 — Atlassian Confluence Broken Access Control 0-Day CVE-2023–22515 |
| Title | LetsDefend SA Event ID: 197, SOC235 — Atlassian Confluence Broken Access Control 0-Day… |
| Detected Hints/Tags/Attributes | 24/1/10 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 102 | cve-2023-22515 |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 268 | www.virustotal.com |
|
| Details | Domain | 55 | otx.alienvault.com |
|
| Details | IPv4 | 4 | 43.130.1.222 |
|
| Details | IPv4 | 3 | 172.16.17.234 |
|
| Details | Url | 1 | https://blog.qualys.com/vulnerabilities-threat-research/2023/11/15/atlassian-confluence-broken-access-control-vulnerability-cve-2023-22515 |
|
| Details | Url | 4 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-289a |
|
| Details | Url | 1 | https://www.virustotal.com/gui/ip-address/43.130.1.222/detection |
|
| Details | Url | 1 | https://otx.alienvault.com/indicator/ip/43.130.1.222 |