Exploit released for Atlassian Confluence RCE bug, patch now (Security News, June 2022)
Proof-of-concept exploits for the actively exploited critical vulnerability CVE-2022-26134, which affects Atlassian Confluence Server and Data Center, were widely released this weekend.
CVE-2022-26134 is a critical unauthenticated remote code execution vulnerability exploited through OGNL injection; it impacts all Atlassian Confluence and Data Center 2016 servers after version 1.3.0.
On Friday, Atlassian released security updates to fix the vulnerability just as attacks escalated in the wild.
On Friday afternoon, a proof-of-concept exploit for the Confluence vulnerability was publicly posted.
The exploit spread widely online over the weekend, with researchers sharing examples on Twitter of how trivial it was to exploit.
If for some reason you are unable to patch your servers immediately, Atlassian has provided mitigations for Confluence 7.0.0 through 7.18.0.
Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-03 | CVE-2022-26134 | Expression Language Injection vulnerability in Atlassian Confluence Data Center. In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. | 9.8 |