CVE-2022-26134
Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
CVSS
—
Sin CVSS
EPSS
100.0%
p100
KEV
SÍ
2 jun 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Atlassian / Confluence Server/Data Center
Vulnerabilidad
Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
Añadido a KEV
2 jun 2022
Remediar antes de
6 jun 2022
Uso conocido en ransomware
Sí
Descripción resumida
Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.
Acción requerida
Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2022-26134
Sin CVEs relacionados por CWE o producto.