Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-22515 PoC — Atlassian Confluence Server 安全漏洞

Source
https://github.com/kh4sh3i/CVE-2023-22515
Associated Vulnerability
Title:Atlassian Confluence Server 安全漏洞 (CVE-2023-22515)
Description:Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
Description
CVE-2023-22515 - Broken Access Control Vulnerability in Confluence Data Center and Server
Readme
<h1 align="center">
  <br>
  <a href=""><img src="/img/logo.png" alt="" width="300px;"></a>
  <br>
  <img src="https://img.shields.io/badge/PRs-welcome-blue">
  <img src="https://img.shields.io/github/last-commit/kh4sh3i/CVE-2023-22515">
  <img src="https://img.shields.io/github/commit-activity/m/kh4sh3i/CVE-2023-22515">
  <a href="https://twitter.com/intent/follow?screen_name=kh4sh3i_"><img src="https://img.shields.io/twitter/follow/kh4sh3i_?style=flat&logo=twitter"></a>
  <a href="https://github.com/kh4sh3i"><img src="https://img.shields.io/github/stars/kh4sh3i?style=flat&logo=github"></a>
</h1>


# CVE-2023-22515
CVE-2023-22515, a critical vulnerability affecting on-premises instances of Confluence Server and Confluence Data Center, a Broken Access Control vulnerability. Attlassian has provided a CVSS base score of 10.0



## One line poc
```
cat file.txt| while read host do;do curl -skL "http://$host/setup/setupadministrator.action" | grep -i "<title>Setup System Administrator" && echo $host "is VULN";done
```




## Nuclei
```
nuclei -u target -t CVE-2023-22515.yaml
```

## Prerequisites
```
sudo pip install -r requirements.txt
```


## Usage
```
sudo python3 exploit.py --url [target]
```


## Affected Versions
```
8.0.0
8.0.1
8.0.2
8.0.3
8.0.4
8.1.0
8.1.1
8.1.3
8.1.4
8.2.0
8.2.1
8.2.2
8.2.3
8.3.0
8.3.1
8.3.2
8.4.0
8.4.1
8.4.2
8.5.0
8.5.1
```


## Fixed Versions
```
8.3.3 or later
8.4.3 or later
8.5.2 (Long Term Support release) or later
```


## refrences
* [atlassian](https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html)
* [nist](https://nvd.nist.gov/vuln/detail/CVE-2023-22515)
File Snapshot

 [4.0K]  /data/pocs/802c08548b6bca343c1851161de2387028cf6db1
├── [2.9K]  CVE-2023-22515.yaml
├── [3.0K]  exploit.py
├── [4.0K]  img
│   └── [ 74K]  logo.png
├── [6.9K]  LICENSE
├── [1.7K]  README.md
└── [  64]  requirements.txt

1 directory, 6 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →