[Update] Zero-day Remote Code Execution Vulnerability in Atlassian Confluence

Published on 03 Jun 2022

Updated on 04 Jun 2022

Update on 4 Jun 2022:

The security patch for the critical zero-day vulnerability in Confluence Server and Data Center (CVE-2022-26134) is now available.

Administrators are advised to upgrade Confluence Server and Data Center immediately to one of the fixed releases: 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 or 7.18.1. Administrators who are unable to update their Confluence products are advised to apply the workaround suggested by Atlassian. Please refer to the Confluence Security Advisory for more information.

Original alert published on 3 Jun 2022:

Atlassian has released a security advisory to address an unauthenticated remote code execution vulnerability (CVE-2022-26134) affecting Confluence Server and Data Center products. There are reports of the vulnerability being exploited in the wild.

Successful exploitation of this vulnerability may allow an unauthenticated attacker to execute arbitrary code remotely on the affected instance.

Affected Versions
• Confluence Server version 7.18.0
• Confluence Server and Data Center versions 7.4.0 and later (>= 7.4.0)
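Because the fixed releases are spread across several minor branches and some affected branches (7.5 through 7.12) have no fixed release of their own, a plain "is my version higher than X" check is not enough. The helper below, an added example written for this alert and not Atlassian's own tooling, classifies a Confluence version string against the affected range from the original alert and the fixed releases from the 4 Jun 2022 update, and triages a constructed inventory of hosts. Versions on branches newer than 7.18 are reported as "unknown" because the advisory does not cover them; that tri-state handling is an assumption of this example.

```python
"""Classify Confluence Server / Data Center versions against the
CVE-2022-26134 advisory. Example code for this alert, not an Atlassian tool."""
from typing import Dict, List, Tuple

Version = Tuple[int, int, int]

# Fixed releases named in the 4 Jun 2022 update, keyed by major.minor branch.
FIXED_RELEASES: Dict[Tuple[int, int], Version] = {
    (7, 4): (7, 4, 17),
    (7, 13): (7, 13, 7),
    (7, 14): (7, 14, 3),
    (7, 15): (7, 15, 2),
    (7, 16): (7, 16, 4),
    (7, 17): (7, 17, 4),
    (7, 18): (7, 18, 1),
}
# Lower bound of the affected range from the original 3 Jun 2022 alert.
FIRST_AFFECTED: Version = (7, 4, 0)
NEWEST_FIXED_BRANCH = max(FIXED_RELEASES)


def parse_version(text: str) -> Version:
    """Turn '7.13.7' (or '7.13', with missing components counted as 0) into
    a comparable (major, minor, patch) tuple. Anything that is not one to
    three dotted integers is rejected rather than silently guessed."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Confluence version: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def classify(text: str) -> str:
    """Return 'not-affected', 'vulnerable', 'patched' or 'unknown'."""
    v = parse_version(text)
    if v < FIRST_AFFECTED:
        return "not-affected"
    branch = (v[0], v[1])
    fixed = FIXED_RELEASES.get(branch)
    if fixed is not None:
        # Same branch as a fixed release: compare the patch level.
        return "patched" if v >= fixed else "vulnerable"
    if branch < NEWEST_FIXED_BRANCH:
        # Affected branch with no fixed release of its own (e.g. 7.5 - 7.12):
        # every build on it is vulnerable and must move to a fixed branch.
        return "vulnerable"
    # Newer than anything the advisory lists; outside this table's scope.
    return "unknown"


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Group hosts by classification so the 'vulnerable' bucket becomes the
    immediate work list (upgrade, apply the workaround, or take offline)."""
    buckets: Dict[str, List[str]] = {}
    for host, version in inventory.items():
        buckets.setdefault(classify(version), []).append(host)
    return buckets


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "wiki-prod-1": "7.18.0",
    "wiki-prod-2": "7.18.1",
    "wiki-legacy": "7.12.5",
    "wiki-lts": "7.13.6",
    "wiki-old": "7.3.5",
}

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status:13s} {', '.join(hosts)}")
```

A useful property of this shape is that the data table is copied straight from the advisory, so when Atlassian publishes further fixed releases the only change is a new entry in FIXED_RELEASES.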

A patch for this vulnerability is currently not available. In the meantime, administrators are advised either to restrict Confluence Server and Data Center instances from being reachable from the internet, or to disable the instances until an update is available and has been successfully applied.

Administrators of the affected versions are advised to monitor Atlassian's website for further updates. Please refer to the Confluence Security Advisory for more information.

References:
https://www.cyberkendra.com/2022/06/new-zero-day-rce-vulnerability.html
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html