CVE-2023-22515CISA KEVEPSS p100.0%

CVE-2023-22515Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

Atlassian / Confluence Data Center and Server

Description

Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and access Confluence.

Scoring

EPSS99.70% probability of exploitation · percentile 100.0% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2023-10-05

(incoming)1

TypeTargetConfidenceTier
KEVEntryAtlassian Confluence Data Center and Server Broken Access Control Vulnerabilitykev-cve-2023-225150%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
CVE
Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
CVE
Atlassian Confluence Data Center and Server Template Injection Vulnerability
CVE
Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability
CVE
Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability
CVE
Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.