Lucene search
Security-metrics-botCONFSERVER-79000HistoryJun 02, 2022 - 3:36 a.m.
Unauthenticated remote code execution vulnerability via OGNL template injection - Duplicate
2022-06-0203:36:35
security-metrics-bot
jira.atlassian.com
31
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.975 High
EPSS
Percentile
100.0%
This is a duplicate of https://jira.atlassian.com/browse/CONFSERVER-79016
See the link above for more information on the issue.
Affected configurations
Node
atlassianconfluence_data_centerRangeā¤7.4.0
ORatlassianconfluence_data_centerRangeā¤7.4.1
ORatlassianconfluence_data_centerRangeā¤7.4.3
ORatlassianconfluence_data_centerRangeā¤7.4.4
ORatlassianconfluence_data_centerRangeā¤7.4.5
ORatlassianconfluence_data_centerRangeā¤7.4.6
ORatlassianconfluence_data_centerRangeā¤7.4.7
ORatlassianconfluence_data_centerRangeā¤7.4.8
ORatlassianconfluence_data_centerRangeā¤7.4.9
ORatlassianconfluence_data_centerRangeā¤7.4.10
ORatlassianconfluence_data_centerRangeā¤7.4.11
ORatlassianconfluence_data_centerRangeā¤7.4.12
ORatlassianconfluence_data_centerRangeā¤7.4.13
ORatlassianconfluence_data_centerRangeā¤7.4.14
ORatlassianconfluence_data_centerRangeā¤7.4.15
ORatlassianconfluence_data_centerRangeā¤7.4.16
ORatlassianconfluence_data_centerRangeā¤7.7.4
ORatlassianconfluence_data_centerRangeā¤7.8.0
ORatlassianconfluence_data_centerRangeā¤7.8.1
ORatlassianconfluence_data_centerRangeā¤7.8.3
ORatlassianconfluence_data_centerRangeā¤7.9.0
ORatlassianconfluence_data_centerRangeā¤7.9.1
ORatlassianconfluence_data_centerRangeā¤7.9.2
ORatlassianconfluence_data_centerRangeā¤7.9.3
ORatlassianconfluence_data_centerRangeā¤7.10.0
ORatlassianconfluence_data_centerRangeā¤7.10.1
ORatlassianconfluence_data_centerRangeā¤7.10.2
ORatlassianconfluence_data_centerRangeā¤7.11.0
ORatlassianconfluence_data_centerRangeā¤7.11.1
ORatlassianconfluence_data_centerRangeā¤7.11.2
ORatlassianconfluence_data_centerRangeā¤7.11.3
ORatlassianconfluence_data_centerRangeā¤7.11.6
ORatlassianconfluence_data_centerRangeā¤7.12.0
ORatlassianconfluence_data_centerRangeā¤7.12.1
ORatlassianconfluence_data_centerRangeā¤7.12.2
ORatlassianconfluence_data_centerRangeā¤7.12.3
ORatlassianconfluence_data_centerRangeā¤7.12.4
ORatlassianconfluence_data_centerRangeā¤7.12.5
ORatlassianconfluence_data_centerRangeā¤7.13.0
ORatlassianconfluence_data_centerRangeā¤7.13.1
ORatlassianconfluence_data_centerRangeā¤7.13.2
ORatlassianconfluence_data_centerRangeā¤7.13.3
ORatlassianconfluence_data_centerRangeā¤7.13.4
ORatlassianconfluence_data_centerRangeā¤7.13.5
ORatlassianconfluence_data_centerRangeā¤7.13.6
ORatlassianconfluence_data_centerRangeā¤7.14.0
ORatlassianconfluence_data_centerRangeā¤7.14.2
ORatlassianconfluence_data_centerRangeā¤7.15.0
ORatlassianconfluence_data_centerRangeā¤7.15.1
ORatlassianconfluence_data_centerRangeā¤7.16.0
ORatlassianconfluence_data_centerRangeā¤7.16.1
ORatlassianconfluence_data_centerRangeā¤7.16.2
ORatlassianconfluence_data_centerRangeā¤7.16.3
ORatlassianconfluence_data_centerRangeā¤7.17.0
ORatlassianconfluence_data_centerRangeā¤7.17.2
ORatlassianconfluence_data_centerRangeā¤7.17.3
ORatlassianconfluence_data_centerRangeā¤7.18.0
ORatlassianconfluence_data_centerRange<7.4.17
ORatlassianconfluence_data_centerRange<7.13.7
ORatlassianconfluence_data_centerRange<7.14.3
ORatlassianconfluence_data_centerRange<7.15.2
ORatlassianconfluence_data_centerRange<7.16.4
ORatlassianconfluence_data_centerRange<7.17.4
ORatlassianconfluence_data_centerRange<7.18.1
Related
wallarmlab
wallarmlab
Update on the Confluence 0-day vulnerability (CVE-2022-26134)
2022-06-03 20:50:59
nessus
nessus
Atlassian Confluence Command Injection (CVE-2022-26134)
2022-06-03 00:00:00
Atlassian Confluence Command Injection (CONFSERVER-79016)
2023-01-04 00:00:00
Atlassian Confluence Command Injection (CVE-2022-26134) (Direct Check)
2022-06-14 00:00:00
akamaiblog
akamaiblog
Akamai Protects Against the Atlassian Confluence 0-Day (CVE-2022-26134)
2022-06-03 09:00:52
Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)
2022-06-28 13:00:00
Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)
2022-06-28 13:00:00
githubexploit
githubexploit
Exploit for Injection in Atlassian Confluence Data Center
2022-06-08 07:54:56
zdt
zdt
Confluence OGNL Injection Remote Code Execution Exploit
2022-06-07 00:00:00
Confluence Data Center 7.18.0 - Remote Code Execution Exploit
2022-06-10 00:00:00
Atlassian Confluence Namespace OGNL Injection Exploit
2022-06-09 00:00:00
malwarebytes
malwarebytes
[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
2022-06-03 14:41:58
2022's most routinely exploited vulnerabilitiesāhistory repeats
2023-08-07 18:30:00
checkpoint_advisories
checkpoint_advisories
Atlassian Confluence Remote Code Execution (CVE-2022-26134)
2022-06-06 00:00:00
threatpost
threatpost
DragonForce Gang Unleash Hacks Against Govt. of India
2022-06-15 13:59:37
Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw
2022-06-07 11:21:47
metasploit
metasploit
Atlassian Confluence Namespace OGNL Injection
2022-06-03 19:27:13
thn
thn
trendmicroblog
trendmicroblog
hivepro
hivepro
Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners
2022-09-29 06:56:17
nuclei
nuclei
Confluence - Remote Code Execution
2022-06-03 20:11:56
cisa
cisa
cve
cve
CVE-2022-26134
2022-06-03 22:15:07
qualysblog
qualysblog
Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)
2022-06-29 20:23:28
Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)
2022-08-17 10:12:53
Qualys Tackles 2022ās Top Routinely Exploited Cyber Vulnerabilities
2023-08-24 19:07:05
cisa_kev
cisa_kev
cvelist
cvelist
CVE-2022-26134
2022-05-31 00:00:00
packetstorm
packetstorm
Confluence OGNL Injection Remote Code Execution
2022-06-07 00:00:00
Atlassian Confluence Namespace OGNL Injection
2022-06-08 00:00:00
ubuntucve
ubuntucve
CVE-2022-26134
2022-06-03 00:00:00
atlassian
atlassian
nvd
nvd
CVE-2022-26134
2022-06-03 22:15:07
impervablog
impervablog
Imperva Earns Three Cyber Defense Global InfoSec Awards for 2022
2022-07-26 13:16:19
Imperva Customers are protected from Atlassian Confluence CVE-2022-26134
2022-06-04 22:05:24
Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery
2024-02-21 09:28:01
prion
prion
Code injection
2022-06-03 22:15:00
kitploit
kitploit
confluencePot - Simple Honeypot For Atlassian Confluence (CVE-2022-26134)
2022-06-13 12:30:00
exploitdb
exploitdb
Confluence Data Center 7.18.0 - Remote Code Execution (RCE)
2022-06-10 00:00:00
mssecure
mssecure
avleonov
avleonov
Vulnerability Management news and publications #1
2022-07-06 12:13:56
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
attackerkb
attackerkb
CVE-2021-26134
2021-01-26 00:00:00
CVE-2022-26134
2022-07-13 00:00:00
mmpc
mmpc
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2022-06-10 18:07:05
Active Exploitation of Confluence CVE-2022-26134
2022-06-02 23:27:15
trellix
trellix
The Bug Report ā June 2022 Edition
2022-07-06 00:00:00
The Bug Report ā June 2022 Edition
2022-07-06 00:00:00
github
github
Bypassing OGNL sandboxes for fun and charities
2023-01-27 16:00:49
googleprojectzero
googleprojectzero
2022 0-day In-the-Wild Exploitationā¦so far
2022-06-30 00:00:00
ics
ics
Top CVEs Actively Exploited By Peopleās Republic of China State-Sponsored Cyber Actors
2022-10-06 12:00:00
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.975 High
EPSS
Percentile
100.0%
Related for CONFSERVER-79000