{"id":24766,"date":"2022-06-04T00:28:03","date_gmt":"2022-06-03T22:28:03","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=24766"},"modified":"2022-06-05T23:19:55","modified_gmt":"2022-06-05T21:19:55","slug":"0-day-schwachstelle-cve-2022-26134-in-atlassian-confluence-server-gefixt","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/06\/04\/0-day-schwachstelle-cve-2022-26134-in-atlassian-confluence-server-gefixt\/","title":{"rendered":"0-day vulnerability CVE-2022-26134 in Atlassian Confluence Server fixed"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2022\/06\/04\/0-day-schwachstelle-cve-2022-26134-in-atlassian-confluence-server-gefixt\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Security researchers from Volexity discovered an actively exploited 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence Server software last weekend. Now Atlassian Confluence has named the affected software versions while providing security updates to close the vulnerability. Administrators should install the security updates immediately. 
<strong>Addendum:<\/strong> There is now a public exploit.<!--more--><\/p>\n<h2>0-day vulnerability CVE-2022-26134<\/h2>\n<p>Security researchers from Volexity have pointed out the issue documented in the blog post <a href=\"https:\/\/www.volexity.com\/blog\/2022\/06\/02\/zero-day-exploitation-of-atlassian-confluence\/\">Zero-Day Exploitation of Atlassian Confluence<\/a>, dated June 2, 2022, via the following <a href=\"https:\/\/twitter.com\/Volexity\/status\/1532492927813013507\" target=\"_blank\" rel=\"noopener\">tweet<\/a>. Various versions of Atlassian Confluence Server and Data Center are affected (see also <a href=\"https:\/\/borncity.com\/win\/2022\/06\/03\/0-day-schwachstelle-cve-2022-26134-in-atlassian-confluence-software\/\">0-day vulnerability CVE-2022-26134 in Atlassian Confluence Software<\/a>).<\/p>\n<p><img decoding=\"async\" title=\"0-day CVE-2022-26134 in Atlassian Confluence \" src=\"https:\/\/i.imgur.com\/BMYRvhm.png\" alt=\"0-day CVE-2022-26134 in Atlassian Confluence \" \/><\/p>\n<p>Atlassian had confirmed vulnerability CVE-2022-26134 in <a href=\"https:\/\/confluence.atlassian.com\/doc\/confluence-security-advisory-2022-06-02-1130377146.html\">Confluence Security Advisory 2022-06-02<\/a>. There, CVE-2022-26134 is rated critical and described as an unauthenticated remote code execution vulnerability in Confluence Server and Data Center. Since this vulnerability was actively exploited, the advice was to disable Atlassian Confluence software (Server, Data Center) if in doubt.<\/p>\n<h2>Atlassian Confluence security update<\/h2>\n<p>A few hours ago, Atlassian <a href=\"https:\/\/confluence.atlassian.com\/doc\/confluence-security-advisory-2022-06-02-1130377146.html\">Confluence Security Advisory 2022-06-02<\/a> was updated on June 3, 2022. 
According to Atlassian, all Confluence Server and Data Center versions still in support after version 1.3.0 are affected.<\/p>\n<p><a href=\"https:\/\/confluence.atlassian.com\/doc\/confluence-security-advisory-2022-06-02-1130377146.html\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\" Confluence Security Advisory 2022-06-02\" src=\"https:\/\/i.imgur.com\/OQt5iis.png\" alt=\" Confluence Security Advisory 2022-06-02\" \/><\/a><\/p>\n<p>The vendor has released security updates in the form of the following Confluence Server and Data Center versions to close the CVE-2022-26134 vulnerability.<\/p>\n<ul>\n<li>7.4.17<\/li>\n<li>7.13.7<\/li>\n<li>7.14.3<\/li>\n<li>7.15.2<\/li>\n<li>7.16.4<\/li>\n<li>7.17.4<\/li>\n<li>7.18.1<\/li>\n<\/ul>\n<p>Atlassian recommends updating affected products to the latest Long Term Support version. For a full description of the latest version, see the <a href=\"https:\/\/confluence.atlassian.com\/doc\/confluence-release-notes-327.html\" target=\"_blank\" rel=\"noopener\">Confluence Release Notes<\/a> for Confluence Server and Data Center. You can download the latest version from the <a href=\"https:\/\/www.atlassian.com\/software\/confluence\/download-archives\" target=\"_blank\" rel=\"noopener\">Download Center<\/a>. 
For those who cannot update Confluence products immediately, see Atlassian <a href=\"https:\/\/confluence.atlassian.com\/doc\/confluence-security-advisory-2022-06-02-1130377146.html\">Confluence Security Advisory 2022-06-02<\/a> for instructions on mitigating the CVE-2022-26134 vulnerability by copying various files, depending on the product version.<\/p>\n<p><strong>Addendum:<\/strong> There is now a public exploit, as the following <a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1533489202746236929\" target=\"_blank\" rel=\"noopener\">tweet<\/a> and <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/exploit-released-for-atlassian-confluence-rce-bug-patch-now\/\" target=\"_blank\" rel=\"noopener\">this article<\/a> from Bleeping Computer mention. So patch now.<\/p>\n<p><a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1533489202746236929\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone\" title=\"PoC for Atlassian Confluence vulnerability\" src=\"https:\/\/i.imgur.com\/N99cbni.png\" alt=\"PoC for Atlassian Confluence vulnerability\" width=\"597\" height=\"606\" \/><\/a><\/p>\n<p><strong>Similar articles<\/strong><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/06\/03\/0-day-schwachstelle-cve-2022-26134-in-atlassian-confluence-software\/\">0-day vulnerability CVE-2022-26134 in Atlassian Confluence Software<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/04\/07\/atlassian-jira-confluence-ausfall-beeinflusst-kunden-seit-dem-5-april-2022\/\">Atlassian: Jira-\/Confluence outage affects customers since April 5, 202<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/04\/24\/atlassian-hat-jira-confluence-ausfall-und-datenverlust-behoben\/\">Atlassian has fixed the Jira\/Confluence outage and data loss<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/09\/02\/massen-scans-und-angriffe-auf-confluence-enterprise-server\/\">Mass Scanning and Attacks on Confluence 
Enterprise Server<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/06\/29\/atlassian-vulnerability-allows-account-takeover\/\">Atlassian vulnerability allows account takeover<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Security researchers from Volexity discovered an actively exploited 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence Server software last weekend. Now Atlassian Confluence has named the affected software versions while providing security updates to close the vulnerability. Administrators should install the security &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/06\/04\/0-day-schwachstelle-cve-2022-26134-in-atlassian-confluence-server-gefixt\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547,22],"tags":[69,1544,195],"class_list":["post-24766","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-update","tag-security","tag-software","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/24766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=24766"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/24766\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=24766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?p
ost=24766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=24766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}