CVE-2022–26134: Zero-day remote code execution vulnerability affecting Confluence Server and Data Center

Active security risk

As mentioned above, the vulnerabilities have not been fixed by Atlassian, so administrators of affected deployments are advised to consider some alternative security measures. Volexity’s recommendations include:

  • Restrict access to Confluence Server and Data Center instances from the Internet
  • Disable Confluence Server and Data Center instances
  • Block external access to Confluence Server and Data Center systems
  • Verify that Internet-facing web services have robust monitoring capabilities and log retention policies
  • Sending relevant log files from Internet-connected web servers to a SIEM or Syslog server

--

--

Knowledge belongs to the world

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store