Over 200K likely vulnerable Confluence Data Center instances exposed: among the affected countries are France
May 2024, by the Cybernews research team
The Cybernews research team discovered that hundreds of thousands of likely vulnerable Atlassian Confluence Data Center and Confluence Server instances are exposed online, leaving them open to attackers who could run code on them remotely.
A recently discovered vulnerability in two Atlassian products is allowing attackers to carry out remote code execution (RCE) attacks against impacted systems. Tracked as CVE-2024-21683, the RCE-capable bug affects the Confluence Data Center and Confluence Server.
According to the Cybernews research team, because businesses use these services to help teams collaborate and share information, attackers could exploit the flaw to break into affected systems and obtain the data stored there.
Which countries are most affected?
• The US harbors the largest number of likely vulnerable instances, 53,195.
• 22,007 vulnerable instances are traced to Japan.
• South Africa, France, and Germany each host over 11,000 exposed unpatched Confluence services.
How many Atlassian instances are exposed?
Cybernews researchers discovered that a whopping 224,962 Data Center and Server instances were exposed. Attackers can use the same kind of internet-scanning tools to find affected servers and then exploit the recently discovered vulnerability for nefarious purposes.
For example, researchers claim attackers could utilize the bug for their first entry into a network or environment. With the initial foothold established, attackers can gain full control of the system, including the ability to install malware, access sensitive data, and manipulate system configurations.
The exposed instances also endanger regular users. Researchers believe that malicious actors could steal login credentials, which would allow them to take over Atlassian accounts and any other accounts where the same credentials are reused.
According to the team, RCE bugs are a frequently employed attack vector for advanced ransomware gangs to gain initial entry points into target systems.