cve-2022-26134
Vulnerability from cvelistv5
Published
2022-06-03 21:51
Modified
2024-09-16 18:55
Severity ?
EPSS score ?
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@atlassian.com | http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@atlassian.com | http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html | Third Party Advisory, VDB Entry | |
| security@atlassian.com | http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html | Third Party Advisory, VDB Entry | |
| security@atlassian.com | http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
| security@atlassian.com | https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html | Vendor Advisory | |
| security@atlassian.com | https://jira.atlassian.com/browse/CONFSERVER-79016 | Issue Tracking, Patch, Vendor Advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Atlassian | Confluence Data Center | |
| Atlassian | Confluence Server |
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-06-02
Due date: 2022-06-06
Required action: Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.
Used in ransomware: Known
Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-26134
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T05:20:13",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2022-05-31T20:00:00",
"ID": "CVE-2022-26134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
},
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
"refsource": "MISC",
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2022-26134",
"datePublished": "2022-06-03T21:51:57.134389Z",
"dateReserved": "2022-02-25T00:00:00",
"dateUpdated": "2024-09-16T18:55:17.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"cisa_known_exploited": {
"cveID": "CVE-2022-26134",
"cwes": "[\"CWE-917\"]",
"dateAdded": "2022-06-02",
"dueDate": "2022-06-06",
"knownRansomwareCampaignUse": "Known",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2022-26134",
"product": "Confluence Server/Data Center",
"requiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.",
"shortDescription": "Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.",
"vendorProject": "Atlassian",
"vulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-26134\",\"sourceIdentifier\":\"security@atlassian.com\",\"published\":\"2022-06-03T22:15:07.717\",\"lastModified\":\"2024-06-28T14:22:46.883\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"cisaExploitAdd\":\"2022-06-02\",\"cisaActionDue\":\"2022-06-06\",\"cisaRequiredAction\":\"Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.\",\"cisaVulnerabilityName\":\"Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"},{\"lang\":\"es\",\"value\":\"En las versiones afectadas de Confluence Server y Data Center, se presenta una vulnerabilidad de inyecci\u00f3n OGNL que permitir\u00eda a un atacante no autenticado ejecutar c\u00f3digo arbitrario en una instancia de Confluence Server o Data Center. Las versiones afectadas son 1.3.0 anteriores a 7.4.17, 7.13.0 anteriores a 7.13.7, 7.14.0 anteriores a 7.14.3, 7.15.0 anteriores a 7.15.2, 7.16.0 anteriores a 7.16.4, 7.17.0 anteriores a 7.17.4 y 7.18.0 anteriores a 7.18.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3\",\"versionEndExcluding\":\"7.4.17\",\"matchCriteriaId\":\"5B80A5DD-66A4-4BA9-8BE0-CD862048B497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.13.0\",\"versionEndExcluding\":\"7.13.7\",\"matchCriteriaId\":\"C98724BE-9503-4E81-B427-79410CDBF2B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.14.0\",\"versionEndExcluding\":\"7.14.3\",\"matchCriteriaId\":\"12E753EB-0D31-448B-B8DE-0A95434CC97C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.15.0\",\"versionEndExcluding\":\"7.15.2\",\"matchCriteriaId\":\"DE114494-74F0-454C-AAC4-8B8E5F1C67D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.16.0\",\"versionEndExcluding\":\"7.16.4\",\"matchCriteriaId\":\"90BB3572-29ED-415F-AD34-00EB76271F9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.17.0\",\"versionEndExcluding\":\"7.17.4\",\"matchCriteriaId\":\"30EF756A-B4E9-4E5D-BE6F-02CE95F12C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_data_center:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A56B6A10-E23F-49EF-8C07-1AEDFCAE2788\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3\",\"versionEndExcluding\":\"7.4.17\",\"matchCriteriaId\":\"3AC4BC00-4067-4C75-AF15-A754C2713B02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.13.0\",\"versionEndExcluding\":\"7.13.7\",\"matchCriteriaId\":\"4587786A-9864-405F-8C0F-31D930651F59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.14.0\",\"versionEndExcluding\":\"7.14.3\",\"matchCriteriaId\":\"5DCDEC6C-4515-4CAA-9D82-7BF68A3AAE7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.15.0\",\"versionEndExcluding\":\"7.15.2\",\"matchCriteriaId\":\"B9948F94-DF67-4E3C-8CD4-417D57FBC60F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.16.0\",\"versionEndExcluding\":\"7.16.4\",\"matchCriteriaId\":\"30E63ECB-85A8-4D41-A9B5-9FFF18D9CDB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.17.0\",\"versionEndExcluding\":\"7.17.4\",\"matchCriteriaId\":\"694171BD-FAE2-472C-8183-04BCA2F7B9A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:confluence_server:7.18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AC5E81B-DA4B-45E7-9584-4B576E49FD8B\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\",\"source\":\"security@atlassian.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jira.atlassian.com/browse/CONFSERVER-79016\",\"source\":\"security@atlassian.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.