Atlassian Confluence vulnerability
This live blog contains information regarding the Atlassian Confluence vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog. Last updated on June 8, 2022.

Update June 8, 2022
16:00 | Updates are now available. The advice is to install them as soon as possible. If patching is not possible, Atlassian has described a number of additional mitigating measures.
Update June 3, 2022
13:00 | On the 2nd of June 2022, Atlassian released a security advisory regarding a new vulnerability in the Confluence Server and Data Center applications, referred to as CVE-2022-26134. The vulnerability is rated critical and allows an unauthenticated attacker to execute code remotely.
Atlassian warns that CVE-2022-26134 is actively being exploited. Currently there are no updates available, and it is advised to apply the mitigating actions described in the security advisory as soon as possible.
Background
On the 2nd of June 2022, Atlassian released a security advisory regarding a new vulnerability in the Confluence Server and Data Center applications, referred to as CVE-2022-26134. This vulnerability allows an unauthenticated attacker to execute code remotely. This vulnerability is rated as critical by Atlassian and implies a high risk of exploitation with high impact.
Risk
Based on the Atlassian security advisory, all supported versions of Confluence Server and Confluence Data Center are affected. It’s likely that all unsupported versions are affected as well, but this has yet to be confirmed by Atlassian.
Currently there is no patch available for CVE-2022-26134. In the absence of a patch, it is recommended to restrict access to Confluence Server and Data Center instances from the internet.
If you are unable to restrict access to the instances, then it is advised to implement a Web Application Firewall (WAF) rule which blocks URLs containing ${.
For more information, please refer to the Atlassian Security Advisory.