## https://sploitus.com/exploit?id=2039F84E-A466-5DDD-B344-A8FEAE90006C
# CVE-2023-22515-NSE

This repository provides a tool to check for the presence of the CVE-2023-22515 vulnerability in Atlassian Confluence Server using the Nmap Scripting Engine (NSE).

## Overview of CVE-2023-22515

CVE-2023-22515 is a critical vulnerability in Atlassian Confluence Server that allows attackers to:

1. Modify the server configuration by sending a request that carries the parameter `bootstrapStatusProvider.applicationConfig.setupComplete=false` to a vulnerable endpoint.
2. Send a POST request to `/setup/setupadministrator.action` to create a new administrator account.
3. Authenticate via `/rest/api/user?username={username}` and potentially compromise the system.
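
For defenders, the three steps above leave recognizable traces in web access logs. The following is an added example, not part of this repository: it assumes Combined Log Format, and the sample lines, client IPs and the `/example.action` path are constructed placeholders.

```python
import re
from urllib.parse import unquote

# Indicators taken from the three steps listed above (compared in lower case).
CONFIG_PARAM = "bootstrapstatusprovider.applicationconfig.setupcomplete=false"
SETUP_PATH = "/setup/setupadministrator.action"
USER_API = "/rest/api/user?username="
# Combined Log Format: IP ident user [time] "METHOD URI PROTO" ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*"')

# Constructed sample lines; /example.action is a placeholder path.
SAMPLE = [
    '203.0.113.7 - - [10/Oct/2023:10:00:01 +0000] "GET /example.action?bootstrapStatusProvider.applicationConfig.setupComplete=false HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Oct/2023:10:00:03 +0000] "POST /setup/setupadministrator.action HTTP/1.1" 200 2048',
    '198.51.100.4 - - [10/Oct/2023:10:01:00 +0000] "GET /rest/api/user?username=alice HTTP/1.1" 200 310',
    '198.51.100.9 - - [10/Oct/2023:10:02:00 +0000] "GET /setup/setupadministrator.action HTTP/1.1" 302 0',
]

def classify(line):
    """Return (client_ip, indicator) for a matching log line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, method, uri = m.groups()
    uri = unquote(uri).lower()  # undo %-encoding and case variation
    if CONFIG_PARAM in uri:
        return ip, "setup-flag-reset"
    if method == "POST" and uri.split("?")[0].endswith(SETUP_PATH):
        return ip, "admin-setup-post"
    if USER_API in uri:
        return ip, "user-api-lookup"  # weak on its own, useful as context
    return None

def suspicious_clients(lines):
    """Return {ip: [indicators]} for clients that reset the setup flag
    and afterwards POSTed to the administrator setup action."""
    seen = {}
    for line in lines:
        hit = classify(line)
        if hit:
            seen.setdefault(hit[0], []).append(hit[1])
    return {ip: ev for ip, ev in seen.items()
            if "setup-flag-reset" in ev and "admin-setup-post" in ev
            and ev.index("setup-flag-reset") < ev.index("admin-setup-post")}

if __name__ == "__main__":
    print(suspicious_clients(SAMPLE))
```

Access logs record only the request line, so a parameter sent in a request body will not match; treat a clean result as inconclusive and also review the list of administrator accounts.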

## NSE Script for Nmap

The provided NSE script (`script.nse`) checks for the presence of this vulnerability by:

1. Verifying the software version.
2. Analyzing responses to requests sent to vulnerable routes.

**Example for a vulnerable version:**

![Vulnerable Version Example](https://github.com/user-attachments/assets/1443b55d-46c3-4155-bce9-71b366ff5b71)

**Example for a patched version:**

![Patched Version Example](https://github.com/user-attachments/assets/fa7b5dc1-0978-4959-93f1-40601c25dcf0)

## Testing the Script

To test the script:

1. Start the services:

   ```bash
   docker compose up
   ```

2. Run the Nmap scan with the NSE script:

   ```bash
   nmap --script=script.nse -p <port> <target>
   ```

For the local Docker environment, use `localhost` as `<target>` and the port that the compose file publishes for Confluence as `<port>`.

---