Search Results for "CVE-2023-22518"

Emerging Threathightest

CVE-2023-22518 Exploitation Attempt - Suspicious Confluence Child Process (Linux)

Detects exploitation attempt of CVE-2023-22518 (Confluence Data Center / Confluence Server), where an attacker can exploit vulnerable endpoints to e.g. create admin accounts and execute arbitrary commands.

LinuxProcess Creation

Andreas Braathen (mnemonic.io)Tue Nov 142023

Emerging Threatmediumtest

CVE-2023-22518 Exploitation Attempt - Suspicious Confluence Child Process (Windows)

Detects exploitation attempt of CVE-2023-22518 (Confluence Data Center / Confluence Server), where an attacker can exploit vulnerable endpoints to e.g. create admin accounts and execute arbitrary commands.

WindowsProcess Creation

Andreas Braathen (mnemonic.io)Tue Nov 142023

Emerging Threatmediumtest

CVE-2023-22518 Exploitation Attempt - Vulnerable Endpoint Connection (Proxy)

Detects exploitation attempt of CVE-2023-22518 (Confluence Data Center / Confluence Server), where an attacker can exploit vulnerable endpoints to e.g. create admin accounts and execute arbitrary commands.

Proxy Log

Andreas Braathen (mnemonic.io)Tue Nov 142023

Emerging Threatmediumtest

CVE-2023-22518 Exploitation Attempt - Vulnerable Endpoint Connection (Webserver)

Detects exploitation attempt of CVE-2023-22518 (Confluence Data Center / Confluence Server), where an attacker can exploit vulnerable endpoints to e.g. create admin accounts and execute arbitrary commands.

Web Server Log

Andreas Braathen (mnemonic.io)Tue Nov 142023

Sigma Rules

CVE-2023-22518 Exploitation Attempt - Suspicious Confluence Child Process (Linux)

CVE-2023-22518 Exploitation Attempt - Suspicious Confluence Child Process (Windows)

CVE-2023-22518 Exploitation Attempt - Vulnerable Endpoint Connection (Proxy)

CVE-2023-22518 Exploitation Attempt - Vulnerable Endpoint Connection (Webserver)