CISA/NIST NVD Alert - CVE-2022-26134

Confluence Server/Data Center - Confluence Server and Data Center Remote Code Execution Vulnerability

CISA/NIST Known Exploited Vulnerability Alert

CVE Identification Number

CVE-2022-26134

Vendor Name

Atlassian

Product

Confluence Server/Data Center

Vulnerability Name

Confluence Server and Data Center Remote Code Execution Vulnerability

Description of Vulnerability

Versions of Confluence Server and Data Center contain a remote code execution vulnerability that allow for an unauthenticated attacker to perform arbitrary code execution.

Date Added to CISA Known Exploited Vulnerability Database

2022-06-02

Remediation

Immediately block all internet traffic to and from Atlassian's Confluence Server and Data Center products until an update is available and successfully applied.

Link to NIST NVD CVE Listing

National Vulnerability Database Source