In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAtlassian Confluence Data Center
APPAtlassian7.18.07.13.0 – 7.13.7 (bez)7.14.0 – 7.14.3 (bez)1.3 – 7.4.17 (bez)7.16.0 – 7.16.4 (bez)7.17.0 – 7.17.4 (bez)7.15.0 – 7.15.2 (bez)Atlassian Confluence Server
APPAtlassian7.18.07.13.0 – 7.13.7 (bez)7.14.0 – 7.14.3 (bez)7.15.0 – 7.15.2 (bez)7.16.0 – 7.16.4 (bez)7.17.0 – 7.17.4 (bez)1.3 – 7.4.17 (bez)
CISA KEV — detailsi
- Vendori
- Atlassian ↗
- Producti
- Confluence Server/Data Center
- Added to KEVi
- June 2, 2022
- Remediation deadline (US Federal)i
- June 6, 2022(overdue)
- Ransomwarei
- Active ransomware campaigns exploit this vulnerability
Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.
Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.
Related vulnerabilities
RCE via template injection w Atlassian Confluence Data Center i Server
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Imprope...
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have...
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user acc...
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would a...