Description

This High severity DoS (Denial of Service) vulnerability was introduced in version 2.0 of Confluence Data Center. This DoS (Denial of Service) vulnerability, with a CVSS Score of 8.3, allows an attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Atlassian recommends that Confluence Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.25 Confluence Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.7 Confluence Data Center and Server 10.0: Upgrade to a release greater than or equal to 10.0.2 See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]). This vulnerability was reported via our Atlassian (Internal) program.

INFO

Published Date :

2025-10-21T16:00:05.978Z

Last Modified :

2025-10-21T16:21:27.828Z

Source :

atlassian
AFFECTED PRODUCTS

The following products are affected by CVE-2025-22166 vulnerability.

Vendors Products
Atlassian
  • Confluence Data Center
  • Confluence Server
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-22166.

URL Resource
https://confluence.atlassian.com/pages/viewpage.action?pageId=1652920034 cve-icon cve-icon
https://jira.atlassian.com/browse/CONFSERVER-100907 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability