Vulnerability-Lookup

CVE-2022-26134 (GCVE-0-2022-26134)

Vulnerability from cvelistv5 – Published: 2022-06-03 21:51 – Updated: 2025-10-21 23:15

CISA KEV

Summary

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Remote Code Execution

Assigner

atlassian

References

URL

Tags

	https://jira.atlassian.com/browse/CONFSERVER-79016	x_refsource_MISC
	http://packetstormsecurity.com/files/167432/Confl…	x_refsource_MISC
	http://packetstormsecurity.com/files/167430/Confl…	x_refsource_MISC
	http://packetstormsecurity.com/files/167431/Throu…	x_refsource_MISC
	http://packetstormsecurity.com/files/167449/Atlas…	x_refsource_MISC
	https://confluence.atlassian.com/doc/confluence-s…	x_refsource_MISC

Impacted products

Vendor

Product

Version

Atlassian

Confluence Data Center

Affected: next of 1.3.0 , < unspecified (custom)
Affected: unspecified , < 7.4.17 (custom)
Affected: 7.13.0 , < unspecified (custom)
Affected: unspecified , < 7.13.7 (custom)
Affected: 7.14.0 , < unspecified (custom)
Affected: unspecified , < 7.14.3 (custom)
Affected: 7.15.0 , < unspecified (custom)
Affected: unspecified , < 7.15.2 (custom)
Affected: 7.16.0 , < unspecified (custom)
Affected: unspecified , < 7.16.4 (custom)
Affected: 7.17.0 , < unspecified (custom)
Affected: unspecified , < 7.17.4 (custom)
Affected: 7.18.0 , < unspecified (custom)
Affected: unspecified , < 7.18.1 (custom)

Atlassian

Confluence Server

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 3919902d-e89d-4ca0-b824-9c9757bfeced

Vulnerability ID: CVE-2022-26134

Status: Confirmed

Status Updated: 2022-06-02 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-06-02

Asserted: 2022-06-02

Scope

Notes: KEV entry: Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability | Affected: Atlassian / Confluence Server/Data Center | Description: Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution. | Required action: Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules. | Due date: 2022-06-06 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2022-26134

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-917
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Confluence Server/Data Center
Due Date	2022-06-06
Date Added	2022-06-02
Vendorproject	Atlassian
Vulnerabilityname	Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
Knownransomwarecampaignuse	Known

References

CVE-2022-26134

Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:56:37.787Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-26134",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T14:18:48.606174Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-06-02",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-917",
                "description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:38.769Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-06-02T00:00:00+00:00",
            "value": "CVE-2022-26134 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Confluence Data Center",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "next of 1.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.4.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.13.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.13.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.14.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.14.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.15.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.15.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.16.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.16.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.17.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.17.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.18.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.18.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Confluence Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "next of 1.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.4.17",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.13.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.13.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.14.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.14.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.15.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.15.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.16.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.16.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.17.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.17.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "7.18.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.18.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-05-31T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-30T05:20:13.000Z",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@atlassian.com",
          "DATE_PUBLIC": "2022-05-31T20:00:00",
          "ID": "CVE-2022-26134",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Confluence Data Center",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e",
                            "version_value": "1.3.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.4.17"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.13.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.13.7"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.14.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.14.3"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.15.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.15.2"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.16.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.16.4"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.17.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.17.4"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.18.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.18.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Confluence Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e",
                            "version_value": "1.3.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.4.17"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.13.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.13.7"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.14.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.14.3"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.15.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.15.2"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.16.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.16.4"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.17.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.17.4"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "7.18.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "7.18.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Atlassian"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
              "refsource": "MISC",
              "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
            },
            {
              "name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
            },
            {
              "name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
              "refsource": "MISC",
              "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2022-26134",
    "datePublished": "2022-06-03T21:51:57.134Z",
    "dateReserved": "2022-02-25T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:38.769Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2022-26134",
      "cwes": "[\"CWE-917\"]",
      "dateAdded": "2022-06-02",
      "dueDate": "2022-06-06",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2022-26134",
      "product": "Confluence Server/Data Center",
      "requiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.",
      "shortDescription": "Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.",
      "vendorProject": "Atlassian",
      "vulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-06-06",
      "cisaExploitAdd": "2022-06-02",
      "cisaRequiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.",
      "cisaVulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.3\", \"versionEndExcluding\": \"7.4.17\", \"matchCriteriaId\": \"5B80A5DD-66A4-4BA9-8BE0-CD862048B497\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.13.0\", \"versionEndExcluding\": \"7.13.7\", \"matchCriteriaId\": \"C98724BE-9503-4E81-B427-79410CDBF2B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.14.0\", \"versionEndExcluding\": \"7.14.3\", \"matchCriteriaId\": \"12E753EB-0D31-448B-B8DE-0A95434CC97C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.15.0\", \"versionEndExcluding\": \"7.15.2\", \"matchCriteriaId\": \"DE114494-74F0-454C-AAC4-8B8E5F1C67D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.16.0\", \"versionEndExcluding\": \"7.16.4\", \"matchCriteriaId\": \"90BB3572-29ED-415F-AD34-00EB76271F9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.17.0\", \"versionEndExcluding\": \"7.17.4\", \"matchCriteriaId\": \"30EF756A-B4E9-4E5D-BE6F-02CE95F12C9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A56B6A10-E23F-49EF-8C07-1AEDFCAE2788\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.3\", \"versionEndExcluding\": \"7.4.17\", \"matchCriteriaId\": \"3AC4BC00-4067-4C75-AF15-A754C2713B02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.13.0\", \"versionEndExcluding\": \"7.13.7\", \"matchCriteriaId\": \"4587786A-9864-405F-8C0F-31D930651F59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.14.0\", \"versionEndExcluding\": \"7.14.3\", \"matchCriteriaId\": \"5DCDEC6C-4515-4CAA-9D82-7BF68A3AAE7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.15.0\", \"versionEndExcluding\": \"7.15.2\", \"matchCriteriaId\": \"B9948F94-DF67-4E3C-8CD4-417D57FBC60F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.16.0\", \"versionEndExcluding\": \"7.16.4\", \"matchCriteriaId\": \"30E63ECB-85A8-4D41-A9B5-9FFF18D9CDB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.17.0\", \"versionEndExcluding\": \"7.17.4\", \"matchCriteriaId\": \"694171BD-FAE2-472C-8183-04BCA2F7B9A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AC5E81B-DA4B-45E7-9584-4B576E49FD8B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"}, {\"lang\": \"es\", \"value\": \"En las versiones afectadas de Confluence Server y Data Center, se presenta una vulnerabilidad de inyecci\\u00f3n OGNL que permitir\\u00eda a un atacante no autenticado ejecutar c\\u00f3digo arbitrario en una instancia de Confluence Server o Data Center. Las versiones afectadas son 1.3.0 anteriores a 7.4.17, 7.13.0 anteriores a 7.13.7, 7.14.0 anteriores a 7.14.3, 7.15.0 anteriores a 7.15.2, 7.16.0 anteriores a 7.16.4, 7.17.0 anteriores a 7.17.4 y 7.18.0 anteriores a 7.18.1\"}]",
      "id": "CVE-2022-26134",
      "lastModified": "2024-11-21T06:53:29.950",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-06-03T22:15:07.717",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"source\": \"security@atlassian.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"source\": \"security@atlassian.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"source\": \"security@atlassian.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"source\": \"security@atlassian.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"source\": \"security@atlassian.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"source\": \"security@atlassian.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@atlassian.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-917\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-26134\",\"sourceIdentifier\":\"security@atlassian.com\",\"published\":\"2022-06-03T22:15:07.717\",\"lastModified\":\"2025-10-24T13:38:30.590\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"},{\"lang\":\"es\",\"value\":\"En las versiones afectadas de Confluence Server y Data Center, se presenta una vulnerabilidad de inyecci\u00f3n OGNL que permitir\u00eda a un atacante no autenticado ejecutar c\u00f3digo arbitrario en una instancia de Confluence Server o Data Center. Las versiones afectadas son 1.3.0 anteriores a 7.4.17, 7.13.0 anteriores a 7.13.7, 7.14.0 anteriores a 7.14.3, 7.15.0 anteriores a 7.15.2, 7.16.0 anteriores a 7.16.4, 7.17.0 anteriores a 7.17.4 y 7.18.0 anteriores a 7.18.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-06-02\",\"cisaActionDue\":\"2022-06-06\",\"cisaRequiredAction\":\"Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.\",\"cisaVulnerabilityName\":\"Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3\",\"versionEndExcluding\":\"7.4.17\",\"matchCriteriaId\":\"5B80A5DD-66A4-4BA9-8BE0-CD862048B497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.13.0\",\"versionEndExcluding\":\"7.13.7\",\"matchCriteriaId\":\"C98724BE-9503-4E81-B427-79410CDBF2B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.14.0\",\"versionEndExcluding\":\"7.14.3\",\"matchCriteriaId\":\"12E753EB-0D31-448B-B8DE-0A95434CC97C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.15.0\",\"versionEndExcluding\":\"7.15.2\",\"matchCriteriaId\":\"DE114494-74F0-454C-AAC4-8B8E5F1C67D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.16.0\",\"versionEndExcluding\":\"7.16.4\",\"matchCriteriaId\":\"90BB3572-29ED-415F-AD34-00EB76271F9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.17.0\",\"versionEndExcluding\":\"7.17.4\",\"matchCriteriaId\":\"30EF756A-B4E9-4E5D-BE6F-02CE95F12C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56B6A10-E23F-49EF-8C07-1AEDFCAE2788\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3\",\"versionEndExcluding\":\"7.4.17\",\"matchCriteriaId\":\"3AC4BC00-4067-4C75-AF15-A754C2713B02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.13.0\",\"versionEndExcluding\":\"7.13.7\",\"matchCriteriaId\":\"4587786A-9864-405F-8C0F-31D930651F59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.14.0\",\"versionEndExcluding\":\"7.14.3\",\"matchCriteriaId\":\"5DCDEC6C-4515-4CAA-9D82-7BF68A3AAE7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.15.0\",\"versionEndExcluding\":\"7.15.2\",\"matchCriteriaId\":\"B9948F94-DF67-4E3C-8CD4-417D57FBC60F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.16.0\",\"versionEndExcluding\":\"7.16.4\",\"matchCriteriaId\":\"30E63ECB-85A8-4D41-A9B5-9FFF18D9CDB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.17.0\",\"versionEndExcluding\":\"7.17.4\",\"matchCriteriaId\":\"694171BD-FAE2-472C-8183-04BCA2F7B9A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AC5E81B-DA4B-45E7-9584-4B576E49FD8B\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jira.atlassian.com/browse/CONFSERVER-79016\",\"source\":\"security@atlassian.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jira.atlassian.com/browse/CONFSERVER-79016\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T04:56:37.787Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-26134\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T14:18:48.606174Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-06-02\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-06-02T00:00:00+00:00\", \"value\": \"CVE-2022-26134 added to CISA KEV\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-917\", \"description\": \"CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T14:18:15.568Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Atlassian\", \"product\": \"Confluence Data Center\", \"versions\": [{\"status\": \"affected\", \"version\": \"next of 1.3.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.4.17\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.13.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.13.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.14.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.14.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.15.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.15.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.16.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.16.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.17.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.17.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.18.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.18.1\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Atlassian\", \"product\": \"Confluence Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"next of 1.3.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.4.17\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.13.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.13.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.14.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.14.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.15.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.15.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.16.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.16.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.17.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.17.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.18.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.18.1\", \"versionType\": \"custom\"}]}], \"datePublic\": \"2022-05-31T00:00:00.000Z\", \"references\": [{\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"shortName\": \"atlassian\", \"dateUpdated\": \"2022-06-30T05:20:13.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"1.3.0\", \"version_affected\": \"\u003e\"}, {\"version_value\": \"7.4.17\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.13.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.13.7\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.14.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.14.3\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.15.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.15.2\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.16.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.16.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.17.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.17.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.18.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.18.1\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Confluence Data Center\"}, {\"version\": {\"version_data\": [{\"version_value\": \"1.3.0\", \"version_affected\": \"\u003e\"}, {\"version_value\": \"7.4.17\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.13.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.13.7\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.14.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.14.3\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.15.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.15.2\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.16.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.16.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.17.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.17.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.18.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.18.1\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Confluence Server\"}]}, \"vendor_name\": \"Atlassian\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"name\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"name\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"name\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"name\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"name\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-26134\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@atlassian.com\", \"DATE_PUBLIC\": \"2022-05-31T20:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-26134\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T18:46:18.689Z\", \"dateReserved\": \"2022-02-25T00:00:00.000Z\", \"assignerOrgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"datePublished\": \"2022-06-03T21:51:57.134Z\", \"assignerShortName\": \"atlassian\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2022-26134

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-26134

Aliases

CVE-2022-26134

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-26134",
    "description": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.",
    "id": "GSD-2022-26134",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2022-26134"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-26134"
      ],
      "details": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.",
      "id": "GSD-2022-26134",
      "modified": "2023-12-13T01:19:39.569570Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@atlassian.com",
        "DATE_PUBLIC": "2022-05-31T20:00:00",
        "ID": "CVE-2022-26134",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Confluence Data Center",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003e",
                          "version_value": "1.3.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.4.17"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.13.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.13.7"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.14.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.14.3"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.15.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.15.2"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.16.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.16.4"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.17.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.17.4"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.18.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.18.1"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Confluence Server",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003e",
                          "version_value": "1.3.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.4.17"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.13.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.13.7"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.14.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.14.3"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.15.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.15.2"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.16.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.16.4"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.17.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.17.4"
                        },
                        {
                          "version_affected": "\u003e=",
                          "version_value": "7.18.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "7.18.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Atlassian"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
            "refsource": "MISC",
            "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
          },
          {
            "name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
          },
          {
            "name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
            "refsource": "MISC",
            "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.17.4",
                "versionStartIncluding": "7.17.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.16.4",
                "versionStartIncluding": "7.16.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.15.2",
                "versionStartIncluding": "7.15.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.14.3",
                "versionStartIncluding": "7.14.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.13.7",
                "versionStartIncluding": "7.13.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.17",
                "versionStartIncluding": "1.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.17.4",
                "versionStartIncluding": "7.17.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.16.4",
                "versionStartIncluding": "7.16.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.15.2",
                "versionStartIncluding": "7.15.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.14.3",
                "versionStartIncluding": "7.14.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.13.7",
                "versionStartIncluding": "7.13.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.17",
                "versionStartIncluding": "1.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@atlassian.com",
          "ID": "CVE-2022-26134"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-74"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
            },
            {
              "name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
            },
            {
              "name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
              "refsource": "MISC",
              "tags": [],
              "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-06-30T06:15Z",
      "publishedDate": "2022-06-03T22:15Z"
    }
  }
}

CERTFR-2022-AVI-521

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Atlassian Confluence. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Atlassian	Confluence	Confluence Server et Data Center versions 7.18.x antérieures à 7.18.1
Atlassian	Confluence	Confluence Server et Data Center versions 7.15.x antérieures à 7.15.2
Atlassian	Confluence	Confluence Server et Data Center versions 7.13.x antérieures à 7.13.7
Atlassian	Confluence	Confluence Server et Data Server versions 1.3.0 à 7.4.x antérieures à 7.4.17
Atlassian	Confluence	Confluence Server et Data Center versions 7.17.x antérieures à 7.17.4
Atlassian	Confluence	Confluence Server et Data Center versions 7.14.x antérieures à 7.14.3
Atlassian	Confluence	Confluence Server et Data Center versions 7.16.x antérieures à 7.16.4

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian du 02 juin 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Confluence Server et Data Center versions 7.18.x ant\u00e9rieures \u00e0 7.18.1",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.15.x ant\u00e9rieures \u00e0 7.15.2",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.13.x ant\u00e9rieures \u00e0 7.13.7",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Server versions 1.3.0 \u00e0 7.4.x ant\u00e9rieures \u00e0 7.4.17",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.17.x ant\u00e9rieures \u00e0 7.17.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.14.x ant\u00e9rieures \u00e0 7.14.3",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.16.x ant\u00e9rieures \u00e0 7.16.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-26134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26134"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-521",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Atlassian Confluence. Elle\npermet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Atlassian Confluence",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian du 02 juin 2022",
      "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
    }
  ]
}

CERTFR-2022-AVI-521

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans Atlassian Confluence. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Atlassian	Confluence	Confluence Server et Data Center versions 7.18.x antérieures à 7.18.1
Atlassian	Confluence	Confluence Server et Data Center versions 7.15.x antérieures à 7.15.2
Atlassian	Confluence	Confluence Server et Data Center versions 7.13.x antérieures à 7.13.7
Atlassian	Confluence	Confluence Server et Data Server versions 1.3.0 à 7.4.x antérieures à 7.4.17
Atlassian	Confluence	Confluence Server et Data Center versions 7.17.x antérieures à 7.17.4
Atlassian	Confluence	Confluence Server et Data Center versions 7.14.x antérieures à 7.14.3
Atlassian	Confluence	Confluence Server et Data Center versions 7.16.x antérieures à 7.16.4

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian du 02 juin 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Confluence Server et Data Center versions 7.18.x ant\u00e9rieures \u00e0 7.18.1",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.15.x ant\u00e9rieures \u00e0 7.15.2",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.13.x ant\u00e9rieures \u00e0 7.13.7",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Server versions 1.3.0 \u00e0 7.4.x ant\u00e9rieures \u00e0 7.4.17",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.17.x ant\u00e9rieures \u00e0 7.17.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.14.x ant\u00e9rieures \u00e0 7.14.3",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Server et Data Center versions 7.16.x ant\u00e9rieures \u00e0 7.16.4",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-26134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26134"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-521",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Atlassian Confluence. Elle\npermet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Atlassian Confluence",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian du 02 juin 2022",
      "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
    }
  ]
}

FKIE_CVE-2022-26134

Vulnerability from fkie_nvd - Published: 2022-06-03 22:15 - Updated: 2025-10-24 13:38

CISA KEV

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@atlassian.com	http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
security@atlassian.com	http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
security@atlassian.com	http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
security@atlassian.com	http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html	Exploit, Third Party Advisory, VDB Entry
security@atlassian.com	https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html	Vendor Advisory
security@atlassian.com	https://jira.atlassian.com/browse/CONFSERVER-79016	Issue Tracking, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://jira.atlassian.com/browse/CONFSERVER-79016	Issue Tracking, Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134	US Government Resource

Impacted products

Vendor	Product	Version
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	*
atlassian	confluence_data_center	7.18.0
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	*
atlassian	confluence_server	7.18.0

JSON

To clipboard

{
  "cisaActionDue": "2022-06-06",
  "cisaExploitAdd": "2022-06-02",
  "cisaRequiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.",
  "cisaVulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B80A5DD-66A4-4BA9-8BE0-CD862048B497",
              "versionEndExcluding": "7.4.17",
              "versionStartIncluding": "1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C98724BE-9503-4E81-B427-79410CDBF2B9",
              "versionEndExcluding": "7.13.7",
              "versionStartIncluding": "7.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E753EB-0D31-448B-B8DE-0A95434CC97C",
              "versionEndExcluding": "7.14.3",
              "versionStartIncluding": "7.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE114494-74F0-454C-AAC4-8B8E5F1C67D0",
              "versionEndExcluding": "7.15.2",
              "versionStartIncluding": "7.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90BB3572-29ED-415F-AD34-00EB76271F9C",
              "versionEndExcluding": "7.16.4",
              "versionStartIncluding": "7.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30EF756A-B4E9-4E5D-BE6F-02CE95F12C9C",
              "versionEndExcluding": "7.17.4",
              "versionStartIncluding": "7.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A56B6A10-E23F-49EF-8C07-1AEDFCAE2788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AC4BC00-4067-4C75-AF15-A754C2713B02",
              "versionEndExcluding": "7.4.17",
              "versionStartIncluding": "1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4587786A-9864-405F-8C0F-31D930651F59",
              "versionEndExcluding": "7.13.7",
              "versionStartIncluding": "7.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DCDEC6C-4515-4CAA-9D82-7BF68A3AAE7E",
              "versionEndExcluding": "7.14.3",
              "versionStartIncluding": "7.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9948F94-DF67-4E3C-8CD4-417D57FBC60F",
              "versionEndExcluding": "7.15.2",
              "versionStartIncluding": "7.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E63ECB-85A8-4D41-A9B5-9FFF18D9CDB1",
              "versionEndExcluding": "7.16.4",
              "versionStartIncluding": "7.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "694171BD-FAE2-472C-8183-04BCA2F7B9A7",
              "versionEndExcluding": "7.17.4",
              "versionStartIncluding": "7.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AC5E81B-DA4B-45E7-9584-4B576E49FD8B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
    },
    {
      "lang": "es",
      "value": "En las versiones afectadas de Confluence Server y Data Center, se presenta una vulnerabilidad de inyecci\u00f3n OGNL que permitir\u00eda a un atacante no autenticado ejecutar c\u00f3digo arbitrario en una instancia de Confluence Server o Data Center. Las versiones afectadas son 1.3.0 anteriores a 7.4.17, 7.13.0 anteriores a 7.13.7, 7.14.0 anteriores a 7.14.3, 7.15.0 anteriores a 7.15.2, 7.16.0 anteriores a 7.16.4, 7.17.0 anteriores a 7.17.4 y 7.18.0 anteriores a 7.18.1"
    }
  ],
  "id": "CVE-2022-26134",
  "lastModified": "2025-10-24T13:38:30.590",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-06-03T22:15:07.717",
  "references": [
    {
      "source": "security@atlassian.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
    },
    {
      "source": "security@atlassian.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
    }
  ],
  "sourceIdentifier": "security@atlassian.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-917"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-917"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CNVD-2022-50013

Vulnerability from cnvd - Published: 2022-07-21

Title

Atlassian Confluence Server and Data Center存在命令执行漏洞

Description

Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能，并支持用于构建企业WiKi的协同软件的服务器版本。 Atlassian Confluence Server and Data Center存在命令执行漏洞，攻击者可利用该漏洞获取服务器控制权。

Severity

高

Patch Name

Atlassian Confluence Server and Data Center存在命令执行漏洞的补丁

Patch Description

Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能，并支持用于构建企业WiKi的协同软件的服务器版本。 Atlassian Confluence Server and Data Center存在命令执行漏洞，攻击者可利用该漏洞获取服务器控制权。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

官方已发布版本，请尽快升级到新版本： https://www.atlassian.com/software/confluence/download-archives

Impacted products

Name
['Atlassian Confluence Server and Data Center 1.3.0，< 7.4.17', 'Atlassian Confluence Server and Data Center 7.13.0，< 7.13.7', 'Atlassian Confluence Server and Data Center 7.14.0，< 7.14.3', 'Atlassian Confluence Server and Data Center 7.15.0，< 7.15.2', 'Atlassian Confluence Server and Data Center 7.16.0，< 7.16.4', 'Atlassian Confluence Server and Data Center 7.17.0，< 7.17.4', 'Atlassian Confluence Server and Data Center 7.18.0，< 7.18.1']

Name

['Atlassian Confluence Server and Data Center 1.3.0，< 7.4.17', 'Atlassian Confluence Server and Data Center 7.13.0，< 7.13.7', 'Atlassian Confluence Server and Data Center 7.14.0，< 7.14.3', 'Atlassian Confluence Server and Data Center 7.15.0，< 7.15.2', 'Atlassian Confluence Server and Data Center 7.16.0，< 7.16.4', 'Atlassian Confluence Server and Data Center 7.17.0，< 7.17.4', 'Atlassian Confluence Server and Data Center 7.18.0，< 7.18.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-26134"
    }
  },
  "description": "Atlassian Confluence Server\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4e00\u5957\u5177\u6709\u4f01\u4e1a\u77e5\u8bc6\u7ba1\u7406\u529f\u80fd\uff0c\u5e76\u652f\u6301\u7528\u4e8e\u6784\u5efa\u4f01\u4e1aWiKi\u7684\u534f\u540c\u8f6f\u4ef6\u7684\u670d\u52a1\u5668\u7248\u672c\u3002\n\nAtlassian Confluence Server and Data Center\u5b58\u5728\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u670d\u52a1\u5668\u63a7\u5236\u6743\u3002",
  "discovererName": "\u4e09\u516d\u96f6\u6570\u5b57\u5b89\u5168\u79d1\u6280\u96c6\u56e2\u6709\u9650\u516c\u53f8",
  "formalWay": "\u5b98\u65b9\u5df2\u53d1\u5e03\u7248\u672c\uff0c\u8bf7\u5c3d\u5feb\u5347\u7ea7\u5230\u65b0\u7248\u672c\uff1a\r\nhttps://www.atlassian.com/software/confluence/download-archives",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-50013",
  "openTime": "2022-07-21",
  "patchDescription": "Atlassian Confluence Server\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4e00\u5957\u5177\u6709\u4f01\u4e1a\u77e5\u8bc6\u7ba1\u7406\u529f\u80fd\uff0c\u5e76\u652f\u6301\u7528\u4e8e\u6784\u5efa\u4f01\u4e1aWiKi\u7684\u534f\u540c\u8f6f\u4ef6\u7684\u670d\u52a1\u5668\u7248\u672c\u3002\r\n\r\nAtlassian Confluence Server and Data Center\u5b58\u5728\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u670d\u52a1\u5668\u63a7\u5236\u6743\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Atlassian Confluence Server and Data Center\u5b58\u5728\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Atlassian Confluence Server and Data Center 1.3.0\uff0c\u003c 7.4.17",
      "Atlassian Confluence Server and Data Center 7.13.0\uff0c\u003c 7.13.7",
      "Atlassian Confluence Server and Data Center 7.14.0\uff0c\u003c 7.14.3",
      "Atlassian Confluence Server and Data Center 7.15.0\uff0c\u003c 7.15.2",
      "Atlassian Confluence Server and Data Center 7.16.0\uff0c\u003c 7.16.4",
      "Atlassian Confluence Server and Data Center 7.17.0\uff0c\u003c 7.17.4",
      "Atlassian Confluence Server and Data Center 7.18.0\uff0c\u003c 7.18.1"
    ]
  },
  "serverity": "\u9ad8",
  "submitTime": "2022-06-06",
  "title": "Atlassian Confluence Server and Data Center\u5b58\u5728\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e"
}

CNVD-2022-43094

Vulnerability from cnvd - Published: 2022-06-03

Title

Atlassian Confluence Server和Data Center远程代码执行漏洞

Description

Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能，并支持用于构建企业WiKi的协同软件的服务器版本。Atlassian Confluence Data Center是Atlassian Confluence的数据中心版本。 Atlassian Confluence Server和Data Center存在远程代码执行漏洞，未经身份验证的攻击者利用该漏洞通过命令注入可在目标服务器上执行任意代码，从而控制目标服务器。

Severity

高

Patch Name

Atlassian Confluence Server和Data Center远程代码执行漏洞的补丁

Patch Description

Formal description

官方已发布最新版本，建议受影响的用户及时更新升级到最新版本： https://www.atlassian.com/software/confluence/download-archives

Reference

https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html

Impacted products

Name
['Atlassian Confluence Server and Data Center 1.3.0，< 7.4.17', 'Atlassian Confluence Server and Data Center 7.13.0，< 7.13.7', 'Atlassian Confluence Server and Data Center 7.14.0，< 7.14.3', 'Atlassian Confluence Server and Data Center 7.15.0，< 7.15.2', 'Atlassian Confluence Server and Data Center 7.16.0，< 7.16.4', 'Atlassian Confluence Server and Data Center 7.17.0，< 7.17.4', 'Atlassian Confluence Server and Data Center 7.18.0，< 7.18.1']

Name

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-26134"
    }
  },
  "description": "Atlassian Confluence Server\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4e00\u5957\u5177\u6709\u4f01\u4e1a\u77e5\u8bc6\u7ba1\u7406\u529f\u80fd\uff0c\u5e76\u652f\u6301\u7528\u4e8e\u6784\u5efa\u4f01\u4e1aWiKi\u7684\u534f\u540c\u8f6f\u4ef6\u7684\u670d\u52a1\u5668\u7248\u672c\u3002Atlassian Confluence Data Center\u662fAtlassian Confluence\u7684\u6570\u636e\u4e2d\u5fc3\u7248\u672c\u3002\n\nAtlassian Confluence Server\u548cData Center\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u547d\u4ee4\u6ce8\u5165\u53ef\u5728\u76ee\u6807\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u4ece\u800c\u63a7\u5236\u76ee\u6807\u670d\u52a1\u5668\u3002",
  "formalWay": "\u5b98\u65b9\u5df2\u53d1\u5e03\u6700\u65b0\u7248\u672c\uff0c\u5efa\u8bae\u53d7\u5f71\u54cd\u7684\u7528\u6237\u53ca\u65f6\u66f4\u65b0\u5347\u7ea7\u5230\u6700\u65b0\u7248\u672c\uff1a\r\nhttps://www.atlassian.com/software/confluence/download-archives",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-43094",
  "openTime": "2022-06-03",
  "patchDescription": "Atlassian Confluence Server\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684\u4e00\u5957\u5177\u6709\u4f01\u4e1a\u77e5\u8bc6\u7ba1\u7406\u529f\u80fd\uff0c\u5e76\u652f\u6301\u7528\u4e8e\u6784\u5efa\u4f01\u4e1aWiKi\u7684\u534f\u540c\u8f6f\u4ef6\u7684\u670d\u52a1\u5668\u7248\u672c\u3002Atlassian Confluence Data Center\u662fAtlassian Confluence\u7684\u6570\u636e\u4e2d\u5fc3\u7248\u672c\u3002\r\n\r\nAtlassian Confluence Server\u548cData Center\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u547d\u4ee4\u6ce8\u5165\u53ef\u5728\u76ee\u6807\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u4ece\u800c\u63a7\u5236\u76ee\u6807\u670d\u52a1\u5668\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Atlassian Confluence Server\u548cData Center\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Atlassian Confluence Server and Data Center 1.3.0\uff0c\u003c 7.4.17",
      "Atlassian Confluence Server and Data Center 7.13.0\uff0c\u003c 7.13.7",
      "Atlassian Confluence Server and Data Center 7.14.0\uff0c\u003c 7.14.3",
      "Atlassian Confluence Server and Data Center 7.15.0\uff0c\u003c 7.15.2",
      "Atlassian Confluence Server and Data Center 7.16.0\uff0c\u003c 7.16.4",
      "Atlassian Confluence Server and Data Center 7.17.0\uff0c\u003c 7.17.4",
      "Atlassian Confluence Server and Data Center 7.18.0\uff0c\u003c 7.18.1"
    ]
  },
  "referenceLink": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
  "serverity": "\u9ad8",
  "submitTime": "2022-06-03",
  "title": "Atlassian Confluence Server\u548cData Center\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

GHSA-653M-WPJP-54C4

Vulnerability from github – Published: 2022-06-04 00:00 – Updated: 2025-10-22 00:32

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-26134"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-74",
      "CWE-917"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-03T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.",
  "id": "GHSA-653m-wpjp-54c4",
  "modified": "2025-10-22T00:32:33Z",
  "published": "2022-06-04T00:00:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26134"
    },
    {
      "type": "WEB",
      "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
    },
    {
      "type": "WEB",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2022-ALE-006

Vulnerability from certfr_alerte - Published: - Updated:

[Mise à jour du 03 juin 2022 à 19h52] Atlassian a publié des correctifs.

Une vulnérabilité a été découverte dans Atlassian Confluence. Elle permet à un attaquant non authentifié de provoquer une exécution de code arbitraire à distance.

Cette vulnérabilité est actuellement exploitée de façon active par des attaquants qui semblent déployer différentes portes dérobées (webshells) pour maintenir leur présence sur les serveurs compromis.

Cette alerte sera mise à jour régulièrement.

Contournement provisoire

[mise à jour du 03 juin 2022 à 19h52]

Si l'application des correctifs ne peut être réalisée, et étant donné que des attaques sont en cours, le CERT-FR recommande fortement de bloquer sans délai toute communication entre les serveurs Confluence et Internet. Idéalement, toute communication entre un serveur Confluence et un réseau non sûr devrait être également coupée.

Atlassian propose des mesures de contournements (cf. section Documentation). La procédure diffère en fonction de la version de Confluence et nécessite le téléchargement d'un ou plusieurs fichiers. Avec ces nouveaux éléments, le CERT-FR anticipe que des codes d'exploitation supplémentaires seront rapidement développés et probablement rendus publics.

Solution

[mise à jour du 03 juin 2022 à 19h52]

Le CERT-FR recommande de privilégier la déconnexion du service d'Internet tant que les correctifs ne sont pas appliqués et qu'un contrôle pour détecter une éventuelle compromission n'a pas été réalisé.

Se référer à l'avis de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

[mise à jour du 03 juin 2022 à 19h52]

Confluence Server et Data Server versions 1.3.0 à 7.4.x antérieures à 7.4.17
Confluence Server et Data Center versions 7.13.x antérieures à 7.13.7
Confluence Server et Data Center versions 7.14.x antérieures à 7.14.3
Confluence Server et Data Center versions 7.15.x antérieures à 7.15.2
Confluence Server et Data Center versions 7.16.x antérieures à 7.16.4
Confluence Server et Data Center versions 7.17.x antérieures à 7.17.4
Confluence Server et Data Center versions 7.18.x antérieures à 7.18.1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian	2022-06-02	vendor-advisory
[mise à jour] Avis de sécurité CERTFR-2022-AVI-521 du 03 juin 2022	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003e\u003cstrong\u003e[mise \u00e0 jour du 03 juin 2022 \u00e0 19h52]\u003c/strong\u003e\u003c/p\u003e \u003cul\u003e \u003cli\u003eConfluence Server et Data Server versions 1.3.0 \u00e0 7.4.x ant\u00e9rieures \u00e0 7.4.17\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.13.x ant\u00e9rieures \u00e0 7.13.7\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.14.x ant\u00e9rieures \u00e0 7.14.3\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.15.x ant\u00e9rieures \u00e0 7.15.2\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.16.x ant\u00e9rieures \u00e0 7.16.4\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.17.x ant\u00e9rieures \u00e0 7.17.4\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.18.x ant\u00e9rieures \u00e0 7.18.1\u003c/li\u003e \u003c/ul\u003e ",
  "closed_at": "2022-10-07",
  "content": "## Contournement provisoire\n\n**\\[mise \u00e0 jour du 03 juin 2022 \u00e0 19h52\\]**\n\n\u003cu\u003eSi l\u0027application des correctifs ne peut \u00eatre r\u00e9alis\u00e9e\u003c/u\u003e, et \u00e9tant\ndonn\u00e9 que \u003cu\u003edes attaques sont en cours\u003c/u\u003e, le CERT-FR recommande\nfortement de \u003cu\u003ebloquer sans d\u00e9lai toute communication entre les\nserveurs Confluence et Internet\u003c/u\u003e. Id\u00e9alement, toute communication\nentre un serveur Confluence et un r\u00e9seau non s\u00fbr devrait \u00eatre \u00e9galement\ncoup\u00e9e.\n\nAtlassian propose des mesures de contournements (cf. section\nDocumentation). La proc\u00e9dure diff\u00e8re en fonction de la version de\nConfluence et n\u00e9cessite le t\u00e9l\u00e9chargement\u00a0 d\u0027un ou plusieurs fichiers.\nAvec ces nouveaux \u00e9l\u00e9ments, le CERT-FR anticipe que des codes\nd\u0027exploitation suppl\u00e9mentaires seront rapidement d\u00e9velopp\u00e9s et\nprobablement rendus publics.\n\n## Solution\n\n\u003cspan style=\"color: #ff0000;\"\u003e**\\[mise \u00e0 jour du 03 juin 2022 \u00e0\n19h52\\]**\u003c/span\u003e\n\nLe CERT-FR recommande de privil\u00e9gier la d\u00e9connexion du service\nd\u0027Internet tant que les correctifs ne sont pas appliqu\u00e9s et qu\u0027un\ncontr\u00f4le pour d\u00e9tecter une \u00e9ventuelle compromission n\u0027a pas \u00e9t\u00e9 r\u00e9alis\u00e9.\n\nSe r\u00e9f\u00e9rer \u00e0 l\u0027avis de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf.\nsection Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-26134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26134"
    }
  ],
  "links": [
    {
      "title": "[mise \u00e0 jour] Avis de s\u00e9curit\u00e9 CERTFR-2022-AVI-521 du 03 juin 2022",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-521/"
    }
  ],
  "reference": "CERTFR-2022-ALE-006",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-03T00:00:00.000000"
    },
    {
      "description": "Publication de mesures de contournement.",
      "revision_date": "2022-06-03T00:00:00.000000"
    },
    {
      "description": "Publication de versions corrigeant la vuln\u00e9rabilit\u00e9",
      "revision_date": "2022-06-03T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2022-10-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 03 juin 2022 \u00e0 19h52\\]\u003c/strong\u003e Atlassian a publi\u00e9 des\ncorrectifs.\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Atlassian Confluence. Elle\npermet \u00e0 un attaquant non authentifi\u00e9 de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance.\n\nCette vuln\u00e9rabilit\u00e9 est actuellement exploit\u00e9e de fa\u00e7on active par des\nattaquants qui semblent d\u00e9ployer diff\u00e9rentes portes d\u00e9rob\u00e9es\n(*webshells*) pour maintenir leur pr\u00e9sence sur les serveurs compromis.\n\nCette alerte sera mise \u00e0 jour r\u00e9guli\u00e8rement.\n",
  "title": "[M\u00e0J] Vuln\u00e9rabilit\u00e9 dans Atlassian Confluence",
  "vendor_advisories": [
    {
      "published_at": "2022-06-02",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian",
      "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
    }
  ]
}

CERTFR-2022-ALE-006

Vulnerability from certfr_alerte - Published: - Updated:

[Mise à jour du 03 juin 2022 à 19h52] Atlassian a publié des correctifs.

Une vulnérabilité a été découverte dans Atlassian Confluence. Elle permet à un attaquant non authentifié de provoquer une exécution de code arbitraire à distance.

Cette alerte sera mise à jour régulièrement.

Contournement provisoire

[mise à jour du 03 juin 2022 à 19h52]

Solution

[mise à jour du 03 juin 2022 à 19h52]

Se référer à l'avis de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

[mise à jour du 03 juin 2022 à 19h52]

Confluence Server et Data Server versions 1.3.0 à 7.4.x antérieures à 7.4.17
Confluence Server et Data Center versions 7.13.x antérieures à 7.13.7
Confluence Server et Data Center versions 7.14.x antérieures à 7.14.3
Confluence Server et Data Center versions 7.15.x antérieures à 7.15.2
Confluence Server et Data Center versions 7.16.x antérieures à 7.16.4
Confluence Server et Data Center versions 7.17.x antérieures à 7.17.4
Confluence Server et Data Center versions 7.18.x antérieures à 7.18.1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian	2022-06-02	vendor-advisory
[mise à jour] Avis de sécurité CERTFR-2022-AVI-521 du 03 juin 2022	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003e\u003cstrong\u003e[mise \u00e0 jour du 03 juin 2022 \u00e0 19h52]\u003c/strong\u003e\u003c/p\u003e \u003cul\u003e \u003cli\u003eConfluence Server et Data Server versions 1.3.0 \u00e0 7.4.x ant\u00e9rieures \u00e0 7.4.17\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.13.x ant\u00e9rieures \u00e0 7.13.7\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.14.x ant\u00e9rieures \u00e0 7.14.3\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.15.x ant\u00e9rieures \u00e0 7.15.2\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.16.x ant\u00e9rieures \u00e0 7.16.4\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.17.x ant\u00e9rieures \u00e0 7.17.4\u003c/li\u003e \u003cli\u003eConfluence Server et Data Center versions 7.18.x ant\u00e9rieures \u00e0 7.18.1\u003c/li\u003e \u003c/ul\u003e ",
  "closed_at": "2022-10-07",
  "content": "## Contournement provisoire\n\n**\\[mise \u00e0 jour du 03 juin 2022 \u00e0 19h52\\]**\n\n\u003cu\u003eSi l\u0027application des correctifs ne peut \u00eatre r\u00e9alis\u00e9e\u003c/u\u003e, et \u00e9tant\ndonn\u00e9 que \u003cu\u003edes attaques sont en cours\u003c/u\u003e, le CERT-FR recommande\nfortement de \u003cu\u003ebloquer sans d\u00e9lai toute communication entre les\nserveurs Confluence et Internet\u003c/u\u003e. Id\u00e9alement, toute communication\nentre un serveur Confluence et un r\u00e9seau non s\u00fbr devrait \u00eatre \u00e9galement\ncoup\u00e9e.\n\nAtlassian propose des mesures de contournements (cf. section\nDocumentation). La proc\u00e9dure diff\u00e8re en fonction de la version de\nConfluence et n\u00e9cessite le t\u00e9l\u00e9chargement\u00a0 d\u0027un ou plusieurs fichiers.\nAvec ces nouveaux \u00e9l\u00e9ments, le CERT-FR anticipe que des codes\nd\u0027exploitation suppl\u00e9mentaires seront rapidement d\u00e9velopp\u00e9s et\nprobablement rendus publics.\n\n## Solution\n\n\u003cspan style=\"color: #ff0000;\"\u003e**\\[mise \u00e0 jour du 03 juin 2022 \u00e0\n19h52\\]**\u003c/span\u003e\n\nLe CERT-FR recommande de privil\u00e9gier la d\u00e9connexion du service\nd\u0027Internet tant que les correctifs ne sont pas appliqu\u00e9s et qu\u0027un\ncontr\u00f4le pour d\u00e9tecter une \u00e9ventuelle compromission n\u0027a pas \u00e9t\u00e9 r\u00e9alis\u00e9.\n\nSe r\u00e9f\u00e9rer \u00e0 l\u0027avis de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf.\nsection Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-26134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26134"
    }
  ],
  "links": [
    {
      "title": "[mise \u00e0 jour] Avis de s\u00e9curit\u00e9 CERTFR-2022-AVI-521 du 03 juin 2022",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-521/"
    }
  ],
  "reference": "CERTFR-2022-ALE-006",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-03T00:00:00.000000"
    },
    {
      "description": "Publication de mesures de contournement.",
      "revision_date": "2022-06-03T00:00:00.000000"
    },
    {
      "description": "Publication de versions corrigeant la vuln\u00e9rabilit\u00e9",
      "revision_date": "2022-06-03T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2022-10-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 03 juin 2022 \u00e0 19h52\\]\u003c/strong\u003e Atlassian a publi\u00e9 des\ncorrectifs.\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Atlassian Confluence. Elle\npermet \u00e0 un attaquant non authentifi\u00e9 de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance.\n\nCette vuln\u00e9rabilit\u00e9 est actuellement exploit\u00e9e de fa\u00e7on active par des\nattaquants qui semblent d\u00e9ployer diff\u00e9rentes portes d\u00e9rob\u00e9es\n(*webshells*) pour maintenir leur pr\u00e9sence sur les serveurs compromis.\n\nCette alerte sera mise \u00e0 jour r\u00e9guli\u00e8rement.\n",
  "title": "[M\u00e0J] Vuln\u00e9rabilit\u00e9 dans Atlassian Confluence",
  "vendor_advisories": [
    {
      "published_at": "2022-06-02",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian",
      "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
    }
  ]
}

VAR-202206-0004

Vulnerability from variot - Updated: 2023-12-18 10:44

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1. (DoS) It may be in a state. Atlassian Confluence Server is a server version of Atlassian's collaboration software with enterprise knowledge management functions and support for building enterprise WiKi. The affected versions are from 1.3.0 prior to 7.4.17, from 7.13.0 prior to 7.13.7, from 7.14.0 prior to 7.14.3, from 7.15.0 prior to 7.15.2, from 7.16.0 prior to 7.16.4, from 7.17.0 prior to 7.17.4, and from 7.18.0 prior to 7.18.1

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0004",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "confluence server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.16.0"
      },
      {
        "model": "confluence data center",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.14.0"
      },
      {
        "model": "confluence data center",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.15.0"
      },
      {
        "model": "confluence server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.17.0"
      },
      {
        "model": "confluence data center",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.18.0"
      },
      {
        "model": "confluence server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.17.4"
      },
      {
        "model": "confluence server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.4.17"
      },
      {
        "model": "confluence server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.18.0"
      },
      {
        "model": "confluence server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.15.2"
      },
      {
        "model": "confluence data center",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.13.7"
      },
      {
        "model": "confluence data center",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.16.4"
      },
      {
        "model": "confluence data center",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "1.3"
      },
      {
        "model": "confluence data center",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.13.0"
      },
      {
        "model": "confluence data center",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.16.0"
      },
      {
        "model": "confluence data center",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.17.0"
      },
      {
        "model": "confluence data center",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.17.4"
      },
      {
        "model": "confluence server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.14.3"
      },
      {
        "model": "confluence server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.14.0"
      },
      {
        "model": "confluence data center",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.15.2"
      },
      {
        "model": "confluence data center",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.4.17"
      },
      {
        "model": "confluence server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.15.0"
      },
      {
        "model": "confluence server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.13.7"
      },
      {
        "model": "confluence server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "1.3"
      },
      {
        "model": "confluence server",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.13.0"
      },
      {
        "model": "confluence data center",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.14.3"
      },
      {
        "model": "confluence server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "atlassian",
        "version": "7.16.4"
      },
      {
        "model": "confluence server",
        "scope": null,
        "trust": 0.8,
        "vendor": "atlassian",
        "version": null
      },
      {
        "model": "confluence data center",
        "scope": null,
        "trust": 0.8,
        "vendor": "atlassian",
        "version": null
      },
      {
        "model": "confluence server and data center",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "atlassian",
        "version": "1.3.0,\u003c7.4.17"
      },
      {
        "model": "confluence server and data center",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "atlassian",
        "version": "7.13.0,\u003c7.13.7"
      },
      {
        "model": "confluence server and data center",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "atlassian",
        "version": "7.14.0,\u003c7.14.3"
      },
      {
        "model": "confluence server and data center",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "atlassian",
        "version": "7.15.0,\u003c7.15.2"
      },
      {
        "model": "confluence server and data center",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "atlassian",
        "version": "7.16.0,\u003c7.16.4"
      },
      {
        "model": "confluence server and data center",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "atlassian",
        "version": "7.17.0,\u003c7.17.4"
      },
      {
        "model": "confluence server and data center",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "atlassian",
        "version": "7.18.0,\u003c7.18.1"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.17.4",
                "versionStartIncluding": "7.17.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.16.4",
                "versionStartIncluding": "7.16.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.15.2",
                "versionStartIncluding": "7.15.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.14.3",
                "versionStartIncluding": "7.14.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.13.7",
                "versionStartIncluding": "7.13.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.17",
                "versionStartIncluding": "1.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.17.4",
                "versionStartIncluding": "7.17.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.16.4",
                "versionStartIncluding": "7.16.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.15.2",
                "versionStartIncluding": "7.15.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.14.3",
                "versionStartIncluding": "7.14.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.13.7",
                "versionStartIncluding": "7.13.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4.17",
                "versionStartIncluding": "1.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "h3v0x",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2022-26134",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2022-26134",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2022-50013",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2022-26134",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2022-26134",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2022-50013",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202206-442",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2022-26134",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-26134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1. (DoS) It may be in a state. Atlassian Confluence Server is a server version of Atlassian\u0027s collaboration software with enterprise knowledge management functions and support for building enterprise WiKi. The affected versions are from 1.3.0 prior to 7.4.17, from 7.13.0 prior to 7.13.7, from 7.14.0 prior to 7.14.3, from 7.15.0 prior to 7.15.2, from 7.16.0 prior to 7.16.4, from 7.17.0 prior to 7.17.4, and from 7.18.0 prior to 7.18.1",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-26134"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-26134",
        "trust": 3.9
      },
      {
        "db": "PACKETSTORM",
        "id": "167430",
        "trust": 2.4
      },
      {
        "db": "PACKETSTORM",
        "id": "167432",
        "trust": 2.4
      },
      {
        "db": "PACKETSTORM",
        "id": "167449",
        "trust": 2.4
      },
      {
        "db": "PACKETSTORM",
        "id": "167431",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022060301",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "50952",
        "trust": 0.6
      },
      {
        "db": "CXSECURITY",
        "id": "WLB-2022060031",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-26134",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-26134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ]
  },
  "id": "VAR-202206-0004",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      }
    ]
  },
  "last_update_date": "2023-12-18T10:44:46.730000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Command execution vulnerability in Atlassian Confluence Server and Data Center",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/337616"
      },
      {
        "title": "Atlassian Confluence Server Repair measures for injecting vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=196250"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/skhalsa-sigsci/cve-2022-26134-lab "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/badboy-sft/cve-2022-26134 "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/cyberdonkyx0/cve-2022-26134 "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/amoloht/cve-2022-26134 "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-26134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-917",
        "trust": 1.0
      },
      {
        "problemtype": "Improper invalidation of special elements used to represent language constructs (CWE-917) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "http://packetstormsecurity.com/files/167430/confluence-ognl-injection-remote-code-execution.html"
      },
      {
        "trust": 2.4,
        "url": "http://packetstormsecurity.com/files/167431/through-the-wire-cve-2022-26134-confluence-proof-of-concept.html"
      },
      {
        "trust": 2.4,
        "url": "http://packetstormsecurity.com/files/167432/confluence-ognl-injection-proof-of-concept.html"
      },
      {
        "trust": 2.4,
        "url": "http://packetstormsecurity.com/files/167449/atlassian-confluence-namespace-ognl-injection.html"
      },
      {
        "trust": 2.4,
        "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
      },
      {
        "trust": 2.4,
        "url": "https://jira.atlassian.com/browse/confserver-79016"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26134"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022060301"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-26134/"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/issue/wlb-2022060031"
      },
      {
        "trust": 0.6,
        "url": "https://www.exploit-db.com/exploits/50952"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-26134"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-26134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "date": "2022-06-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-26134"
      },
      {
        "date": "2023-08-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "date": "2022-06-03T22:15:07.717000",
        "db": "NVD",
        "id": "CVE-2022-26134"
      },
      {
        "date": "2022-06-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-50013"
      },
      {
        "date": "2023-08-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-26134"
      },
      {
        "date": "2023-08-18T08:23:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      },
      {
        "date": "2023-08-08T14:22:24.967000",
        "db": "NVD",
        "id": "CVE-2022-26134"
      },
      {
        "date": "2022-07-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Atlassian\u00a0 of \u00a0Confluence\u00a0Data\u00a0Center\u00a0 and \u00a0Confluence\u00a0Server\u00a0 Vulnerability in improper invalidation of special elements used to represent language construction in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011115"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-442"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-26134 (GCVE-0-2022-26134)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Solution

Solution

Contournement provisoire

Solution

Contournement provisoire

Solution

Tags

Sightings

Nomenclature