HomePentest-Tools.com Logo

Atlassian Confluence - Remote Code Execution (CVE-2022-26134)

Severity
CVSSv3 Score
9.8
Vulnerability description

Atlassian Confluence is affected by a Remote Code Execution, located on the base endpoint. Versions affected are between 7.15.0-7.18.0 or 7.0.0-7.14.2. The root cause of this vulnerability is that the controlled attacker-provided URI will be translated into a namespace, which will eventually result in a ONGL expression evaluation. This allows a malicious user to execute arbitrary code on the server.

Risk description

The risk exists that a remote unauthenticated attacker can fully compromise the Confluence Server in order to steal confidential information, install ransomware or pivot to the internal network.

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Recommendation

Upgrade the Confluence server to the latest version.

Codename
Not available
Detectable with
Network Scanner
Exploitable with Sniper
Yes
Vuln date
Jun 2022
Published at
Updated at
Software Type
Collaboration software
Vendor
Atlassian
Product
Confluence