Counting the internet-facing hosts affected by a new vulnerability is a key factor in judging whether it will become a widespread or emergent threat.
Are there a lot of hosts affected? Pretty good possibility things are about to pop off. Only a few hosts? Probably less likely. But actually counting those hosts has become quite a bit more challenging. Take, for example, CVE-2023-22527, which affects Atlassian Confluence. At the time of writing, Confluence has appeared on the CISA KEV list nine (yes, nine) times. That’s a level of exploitation that should encourage everyone to get their Confluence servers off the internet. But let’s look for ourselves.
Source: VulnCheck