Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Back to KEV List

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

Added June 2, 2022 Due June 6, 2022 CVE-2022-26134
Overdue Atlassian / Confluence Server/Data Center Known Ransomware Use CWE-917

Description

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

Required Action

Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.

References

Additional Information

Catalog Version
2025.01.24
Catalog Released
Jan. 24, 2025
Days Until Due
0 days
Last Updated
7 months, 2 weeks ago