CISA KEV 정보
| 취약점명 | Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability |
|---|---|
| 설명 | Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution. |
| 조치사항 | Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules. |
| 랜섬웨어 캠페인 악용 | Known |
| CWE | CWE-917 |
| 등록일 (KEV) | 2022-06-02 |
| 조치 기한 | 2022-06-06 |
| 추가 참고 | https://nvd.nist.gov/vuln/detail/CVE-2022-26134 |
NVD 상세 정보
CVSS v3.1: 9.8 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCVSS v2.0: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P설명: In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
CWE: CWE-917 | CWE-917
참조
- http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html [Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html [Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html [Exploit, Third Party Advisory, VDB Entry]
- https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html [Vendor Advisory]
- https://jira.atlassian.com/browse/CONFSERVER-79016 [Issue Tracking, Patch, Vendor Advisory]
- http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html [Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html [Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html [Exploit, Third Party Advisory, VDB Entry]
- https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html [Vendor Advisory]
- https://jira.atlassian.com/browse/CONFSERVER-79016 [Issue Tracking, Patch, Vendor Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134 [US Government Resource]
This product uses the NVD API but is not endorsed or certified by the NVD.