cve-2022-26134
Vulnerability from cvelistv5
Published
2022-06-03 21:51
Modified
2024-09-16 18:55
Severity
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
References
| Source | URL | Tags |
|---|---|---|
| security@atlassian.com | http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry |
| security@atlassian.com | http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html | Third Party Advisory, VDB Entry |
| security@atlassian.com | http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html | Third Party Advisory, VDB Entry |
| security@atlassian.com | http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html | Exploit, Third Party Advisory, VDB Entry |
| security@atlassian.com | https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html | Vendor Advisory |
| security@atlassian.com | https://jira.atlassian.com/browse/CONFSERVER-79016 | Issue Tracking, Patch, Vendor Advisory |
Impacted products
| Vendor | Product |
|---|---|
| Atlassian | Confluence Data Center |
| Atlassian | Confluence Server |
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-06-02
Due date: 2022-06-06
Required action: Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.
Used in ransomware: Known
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T05:20:13",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2022-05-31T20:00:00",
"ID": "CVE-2022-26134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
},
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
"refsource": "MISC",
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2022-26134",
"datePublished": "2022-06-03T21:51:57.134389Z",
"dateReserved": "2022-02-25T00:00:00",
"dateUpdated": "2024-09-16T18:55:17.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"cisa_known_exploited": {
"cveID": "CVE-2022-26134",
"dateAdded": "2022-06-02",
"dueDate": "2022-06-06",
"knownRansomwareCampaignUse": "Known",
"notes": "",
"product": "Confluence Server/Data Center",
"requiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.",
"shortDescription": "Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.",
"vendorProject": "Atlassian",
"vulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-26134\",\"sourceIdentifier\":\"security@atlassian.com\",\"published\":\"2022-06-03T22:15:07.717\",\"lastModified\":\"2024-06-28T14:22:46.883\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"cisaExploitAdd\":\"2022-06-02\",\"cisaActionDue\":\"2022-06-06\",\"cisaRequiredAction\":\"Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.\",\"cisaVulnerabilityName\":\"Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"},{\"lang\":\"es\",\"value\":\"En las versiones afectadas de Confluence Server y Data Center, se presenta una vulnerabilidad de inyecci\u00f3n OGNL que permitir\u00eda a un atacante no autenticado ejecutar c\u00f3digo arbitrario en una instancia de Confluence Server o Data Center. Las versiones afectadas son 1.3.0 anteriores a 7.4.17, 7.13.0 anteriores a 7.13.7, 7.14.0 anteriores a 7.14.3, 7.15.0 anteriores a 7.15.2, 7.16.0 anteriores a 7.16.4, 7.17.0 anteriores a 7.17.4 y 7.18.0 anteriores a 7.18.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3\",\"versionEndExcluding\":\"7.4.17\",\"matchCriteriaId\":\"5B80A5DD-66A4-4BA9-8BE0-CD862048B497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.13.0\",\"versionEndExcluding\":\"7.13.7\",\"matchCriteriaId\":\"C98724BE-9503-4E81-B427-79410CDBF2B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.14.0\",\"versionEndExcluding\":\"7.14.3\",\"matchCriteriaId\":\"12E753EB-0D31-448B-B8DE-0A95434CC97C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.15.0\",\"versionEndExcluding\":\"7.15.2\",\"matchCriteriaId\":\"DE114494-74F0-454C-AAC4-8B8E5F1C67D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.16.0\",\"versionEndExcluding\":\"7.16.4\",\"matchCriteriaId\":\"90BB3572-29ED-415F-AD34-00EB76271F9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.17.0\",\"versionEndExcluding\":\"7.17.4\",\"matchCriteriaId\":\"30EF756A-B4E9-4E5D-BE6F-02CE95F12C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56B6A10-E23F-49EF-8C07-1AEDFCAE2788\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3\",\"versionEndExcluding\":\"7.4.17\",\"matchCriteriaId\":\"3AC4BC00-4067-4C75-AF15-A754C2713B02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.13.0\",\"versionEndExcluding\":\"7.13.7\",\"matchCriteriaId\":\"4587786A-9864-405F-8C0F-31D930651F59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.14.0\",\"versionEndExcluding\":\"7.14.3\",\"matchCriteriaId\":\"5DCDEC6C-4515-4CAA-9D82-7BF68A3AAE7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.15.0\",\"versionEndExcluding\":\"7.15.2\",\"matchCriteriaId\":\"B9948F94-DF67-4E3C-8CD4-417D57FBC60F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.16.0\",\"versionEndExcluding\":\"7.16.4\",\"matchCriteriaId\":\"30E63ECB-85A8-4D41-A9B5-9FFF18D9CDB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.17.0\",\"versionEndExcluding\":\"7.17.4\",\"matchCriteriaId\":\"694171BD-FAE2-472C-8183-04BCA2F7B9A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AC5E81B-DA4B-45E7-9584-4B576E49FD8B\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jira.atlassian.com/browse/CONFSERVER-79016\",\"source\":\"security@atlassian.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading...