CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2022-26134

CVSS 9.8v3.1pub. 2022-06-03upd. 2025-10-24

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Atlassian Confluence Data Center

    APP
    Atlassian
    7.18.07.13.0 – 7.13.7 (bez)7.14.0 – 7.14.3 (bez)1.3 – 7.4.17 (bez)7.16.0 – 7.16.4 (bez)7.17.0 – 7.17.4 (bez)7.15.0 – 7.15.2 (bez)
  • Atlassian Confluence Server

    APP
    Atlassian
    7.18.07.13.0 – 7.13.7 (bez)7.14.0 – 7.14.3 (bez)7.15.0 – 7.15.2 (bez)7.16.0 – 7.16.4 (bez)7.17.0 – 7.17.4 (bez)1.3 – 7.4.17 (bez)

CISA KEV — detailsi

Vendori
Atlassian
Producti
Confluence Server/Data Center
Added to KEVi
June 2, 2022
Remediation deadline (US Federal)i
June 6, 2022(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.

CISA descriptioni

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 6 czerwca 2022
Tags
RCEAuth Bypass
CWE
References

Related vulnerabilities

CVE-2023-22527CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE via template injection w Atlassian Confluence Data Center i Server

CVE-2023-22518CRITICAL9.8⚠ KEVten sam produkt

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Imprope...

CVE-2023-22515CRITICAL9.8⚠ KEVten sam produkt

Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have...

CVE-2022-26138CRITICAL9.8⚠ KEVten sam produkt

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user acc...

CVE-2021-26084CRITICAL9.8⚠ KEVten sam produkt

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would a...