Zero-Day Discovered in Atlassian's Confluence Servers and Data Center Products
Atlassian has warned of a critical zero-day remote code execution vulnerability impacting Confluence Servers and Data Center products that it said is being actively exploited in the wild.
Confluence is a knowledge sharing and collaboration tool, similar to a wiki.
What is CVE-2022-26134?
In a security advisory published on June 2nd, the company stated that the flaw is currently being exploited in the wild and no patches are available as of yet.
The company that reported the issue suggested that malicious actors could potentially insert a Java Server Page (JSP) webshell into a publicly accessible web directory on the affected Confluence server.
In an updated statement, the company noted that the flaw has been found to impact Confluence since version 1.3.5, which was released in 2013.
Atlassian is currently working on fixing the issue and has promised a patch which will be available for download by the end of June 3rd.
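Because the reported abuse pattern is a JSP webshell dropped into a web-accessible directory, one quick check an administrator can run while waiting for the patch is to list JSP files that were created or modified recently under the web root. The script below is an added example written for this article; it is not Atlassian's tooling or part of the advisory. The web root path and the time window are assumptions and must be adjusted to the deployment being reviewed.

```shell
#!/usr/bin/env bash
# Added example (not from the advisory or from Atlassian): list .jsp / .jspx files
# modified within the last N minutes under a given web root. The directory and the
# window are assumptions; point the function at the real Confluence web root.
set -eu

# find_recent_jsp <web_root> <minutes>
# Prints, one per line and sorted, every .jsp or .jspx file under <web_root>
# whose modification time is within the last <minutes> minutes.
find_recent_jsp() {
    local web_root="$1"
    local minutes="$2"
    find "$web_root" -type f \( -name '*.jsp' -o -name '*.jspx' \) -mmin "-$minutes" -print | sort
}

# count_recent_jsp <web_root> <minutes>
# Returns the number of matching files on stdout, useful as a one-line health check.
count_recent_jsp() {
    find_recent_jsp "$1" "$2" | wc -l | tr -d ' '
}

# Constructed demo data: a throwaway web root with one old JSP (mtime forced into
# the past), one freshly written JSP and a non-JSP file. Only recent.jsp should be
# reported for a 60-minute window.
demo() {
    local root
    root="$(mktemp -d)"
    mkdir -p "$root/pages"
    printf 'legit page\n' > "$root/pages/old.jsp"
    touch -t 202001010000 "$root/pages/old.jsp"
    printf 'freshly written\n' > "$root/pages/recent.jsp"
    printf 'not a jsp\n' > "$root/pages/notes.txt"
    echo "Recently modified JSP files under $root:"
    find_recent_jsp "$root" 60
    echo "Count: $(count_recent_jsp "$root" 60)"
    rm -rf "$root"
}

demo
```

Any file this reports that the team cannot account for (a deployment, a plugin update) deserves a closer look before the instance is exposed again; a result of zero is not proof of a clean system, since attackers can backdate file times or place files elsewhere, so treat this as one triage signal rather than a verdict.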
What Should You Do?
While waiting on the fix, Atlassian recommends that customers consider either:
- Restricting Confluence Server and Data Center instances from the internet.
- Disabling Confluence Server and Data Center instances.
All of Secora Consulting's assessments are tailored to our clients' needs.
Using our experience, we can help you determine which services are right for you.