Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

Chen DoytshmanAKAMAIBLOG:6B355C8FD4C2D8E5A670002BC4BD9497

HistoryJun 28, 2022 - 1:00 p.m.

Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)

Vulners
Akamaiblog
Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)

2022-06-2813:00:00

Chen Doytshman

www.akamai.com

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.975 High

EPSS

Percentile

100.0%

JSON

The Atlassian Confluence vulnerability is here to stay. See Akamai’s research into the stats two weeks after the advisory was released.

wallarmlab 1

nessus 3

akamaiblog 2

githubexploit 59

zdt 3

malwarebytes 4

atlassian 2

cisa 3

packetstorm 2

ubuntucve 1

nvd 1

impervablog 4

prion 1

checkpoint_advisories 1

threatpost 2

metasploit 1

thn 14

trendmicroblog 1

hivepro 1

nuclei 1

cve 1

qualysblog 4

cisa_kev 1

cvelist 1

exploitdb 1

kitploit 1

mmpc 1

rapid7blog 7

mssecure 1

avleonov 2

attackerkb 2

trellix 2

github 1

googleprojectzero 1

ics 2

wallarmlab

Update on the Confluence 0-day vulnerability (CVE-2022-26134)

2022-06-03 20:50:59

nessus

Atlassian Confluence Command Injection (CVE-2022-26134)

2022-06-03 00:00:00

Atlassian Confluence Command Injection (CONFSERVER-79016)

2023-01-04 00:00:00

Atlassian Confluence Command Injection (CVE-2022-26134) (Direct Check)

2022-06-14 00:00:00

akamaiblog

Akamai Protects Against the Atlassian Confluence 0-Day (CVE-2022-26134)

2022-06-03 09:00:52

Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)

2022-06-28 13:00:00

githubexploit

Exploit for Expression Language Injection in Atlassian Confluence Data Center

2022-06-07 02:16:56

Exploit for Expression Language Injection in Atlassian Confluence Data Center

2022-06-07 11:17:25

Exploit for Injection in Atlassian Confluence Data Center

2022-06-08 07:54:56

zdt

Confluence OGNL Injection Remote Code Execution Exploit

2022-06-07 00:00:00

Confluence Data Center 7.18.0 - Remote Code Execution Exploit

2022-06-10 00:00:00

Atlassian Confluence Namespace OGNL Injection Exploit

2022-06-09 00:00:00

malwarebytes

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

2022-06-14 12:43:08

[updated]Unpatched Atlassian Confluence vulnerability is actively exploited

2022-06-03 14:41:58

2022's most routinely exploited vulnerabilities—history repeats

2023-08-07 18:30:00

atlassian

Unauthenticated remote code execution vulnerability via OGNL template injection - Duplicate

2022-06-02 03:36:35

Remote code execution via OGNL injection in Confluence Server & Data Center - CVE-2022-26134

2022-06-03 20:08:07

cisa

Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134

2022-06-03 00:00:00

Atlassian Releases Security Advisory for Confluence Server and Data Center, CVE-2022-26134

2022-06-02 00:00:00

CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog  

2022-06-02 00:00:00

packetstorm

Confluence OGNL Injection Remote Code Execution

2022-06-07 00:00:00

Atlassian Confluence Namespace OGNL Injection

2022-06-08 00:00:00

ubuntucve

CVE-2022-26134

2022-06-03 00:00:00

nvd

CVE-2022-26134

2022-06-03 22:15:07

impervablog

Imperva Earns Three Cyber Defense Global InfoSec Awards for 2022

2022-07-26 13:16:19

Imperva Customers are protected from Atlassian Confluence CVE-2022-26134

2022-06-04 22:05:24

Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery

2024-02-21 09:28:01

prion

Code injection

2022-06-03 22:15:00

checkpoint_advisories

Atlassian Confluence Remote Code Execution (CVE-2022-26134)

2022-06-06 00:00:00

threatpost

DragonForce Gang Unleash Hacks Against Govt. of India

2022-06-15 13:59:37

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

2022-06-07 11:21:47

metasploit

Atlassian Confluence Namespace OGNL Injection

2022-06-03 19:27:13

thn

This Cloud Botnet Has Hijacked 30,000 Systems to Mine Cryptocurrencies

2022-07-20 11:44:00

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

2022-09-16 10:58:00

Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage

2022-08-04 10:24:00

trendmicroblog

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

2022-09-21 00:00:00

hivepro

Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners

2022-09-29 06:56:17

nuclei

Confluence - Remote Code Execution

2022-06-03 20:11:56

cve

CVE-2022-26134

2022-06-03 22:15:07

qualysblog

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

2022-06-29 20:23:28

Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)

2022-08-17 10:12:53

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

2023-08-24 19:07:05

cisa_kev

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

2022-06-02 00:00:00

cvelist

CVE-2022-26134

2022-05-31 00:00:00

exploitdb

Confluence Data Center 7.18.0 - Remote Code Execution (RCE)

2022-06-10 00:00:00

kitploit

confluencePot - Simple Honeypot For Atlassian Confluence (CVE-2022-26134)

2022-06-13 12:30:00

mmpc

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

2023-09-14 16:30:00

rapid7blog

Metasploit Weekly Wrap-Up

2022-06-10 18:07:05

Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138

2022-07-27 19:26:38

Active Exploitation of Confluence CVE-2022-26134

2022-06-02 23:27:15

mssecure

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

2023-09-14 16:30:00

avleonov

Vulnerability Management news and publications #1

2022-07-06 12:13:56

Joint Advisory AA22-279A and Vulristics

2022-10-21 20:10:13

attackerkb

CVE-2021-26134

2021-01-26 00:00:00

CVE-2022-26134

2022-07-13 00:00:00

trellix

The Bug Report – June 2022 Edition

2022-07-06 00:00:00

The Bug Report – June 2022 Edition

2022-07-06 00:00:00

github

Bypassing OGNL sandboxes for fun and charities

2023-01-27 16:00:49

googleprojectzero

2022 0-day In-the-Wild Exploitation…so far

2022-06-30 00:00:00

ics

Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

2022-10-06 12:00:00

2022 Top Routinely Exploited Vulnerabilities

2023-08-03 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.975 High

EPSS

Percentile

100.0%

JSON

Related for AKAMAIBLOG:6B355C8FD4C2D8E5A670002BC4BD9497