
Rule Info
Name
CVE-2023-22518 Exploitation Attempt - Vulnerable Endpoint Connection (Webserver)
Author
Andreas Braathen (mnemonic.io)
Description
Detects exploitation attempt of CVE-2023-22518 (Confluence Data Center / Confluence Server), where an attacker can exploit vulnerable endpoints to e.g. create admin accounts and execute arbitrary commands.
Date
2023-11-14 00:00:00
Modified
None
Id
a902d249-9b9c-4dc4-8fd0-fbe528ef965c
Tags
attack.initial-access attack.t1190 cve.2023-22518 detection.emerging-threats
Type
Community Rule
Link to Public Repo
Rule History
Author
Title
Date
Commit
frack113
Merge PR #5169 from @frack113 - Add missing `detection.emerging-threats` tags
2025-01-30
github-actions[bot]
Merge PR #5027 from @nasbench - Promote older rules status from `experimental` to `test`
2024-10-01
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
Andreas Braathen
Merge PR #4567 from @netgrain - Adding analytics for CVE-2023-22518
2023-11-15