Vulnerability CVE-2022-26134


Published: 2022-06-03   Modified: 2022-06-04

Description:
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

See advisories in our WLB2 database:
Topic
Author
Date
High
Confluence Data Center 7.18.0 Remote Code Execution (RCE)
h3v0x
11.06.2022

 References:
https://jira.atlassian.com/browse/CONFSERVER-79016

Copyright 2024, cxsecurity.com

 

Back to Top