0-day vulnerability CVE-2022-26134 in Atlassian Confluence Server fixed

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers from Volexity discovered an actively exploited 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence Server software last weekend. Now Atlassian Confluence has named the affected software versions while providing security updates to close the vulnerability. Administrators should install the security updates immediately. Addendum: There is now a public exploit.


Advertising

0-day vulnerability CVE-2022-26134

Security researchers from Volexity have pointed out the issue documented in the blog post Zero-Day Exploitation of Atlassian Confluence, dated June 2, 2022, via the following tweet. Atlassian Confluence Server, Data Center in different versions are affected (see also 0-day vulnerarbility CVE-2022-26134 in Atlassian Confluence Software).

0-day CVE-2022-26134 in Atlassian Confluence

Atlassian had confirmed vulnerability CVE-2022-26134 in Confluence Security Advisory 2022-06-02. The vulnerability CVE-2022-26134 is rated with a critical severity there and affects an unauthenticated remote code execution vulnerability in Confluence Server and Data Center. Since this vulnerability was actively exploited, there was an advice to disable Atlassian Confluence software (Server, Data Center) if in doubt.

Atlassian Confluence security update

A few hours ago, Atlassian Confluence Security Advisory 2022-06-02 was updated to June 3, 2022. According to Atlassian Confluence, all servers and data centers still in support after version 1.3.0 are affected.

 Confluence Security Advisory 2022-06-02

The vendor has released security updates in the form of the following Confluence Server and Data Center versions to close the CVE-2022-26134 vulnerability.


Advertising

  • 7.4.17
  • 7.13.7
  • 7.14.3
  • 7.15.2
  • 7.16.4
  • 7.17.4
  • 7.18.1

Atlassian recommends updating affected products to the latest Long Term Support version. For a full description of the latest version, see the Confluence Release Notes   for Confluence Server and Data Center. You can download the latest version from the Download Center. For those who cannot update Confluence products immediately, see Atlassian Confluence Security Advisory 2022-06-02  for instructions on mitigating the CVE-2022-26134 vulnerability by copying various files, depending on the product version.

Addendum: There is now a public exploit, as the following tweet and this arcticle from Bleeping Computer mentions. So patch now.

PoC for Atlassian Confluence vulnerability

Similar articles
0-day vulnerability CVE-2022-26134 in Atlassian Confluence Software
Atlassian: Jira-/Confluence outage affects customers since April 5, 202
Atlassian has fixed the Jira/Confluence outage and data loss
Mass Scanning and Attacks on Confluence Enterprise Server
Atlassian vulnerability allows account takeover


Advertising

This entry was posted in Security, Software, Update and tagged , , . Bookmark the permalink.

One Response to 0-day vulnerability CVE-2022-26134 in Atlassian Confluence Server fixed

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).