A critical unauthenticated remote code execution vulnerability has been identified.
Background / What has happened?
Atlassian published a security advisory regarding a critical unauthenticated remote code execution (RCE) vulnerability (CVE-2022-26134) in all supported versions of Atlassian Confluence Server and Data Center.
Exploitation of this RCE vulnerability could allow a malicious actor to remotely install malware or otherwise control the affected device without authentication.
The ACSC is aware of malicious actors successfully exploiting the vulnerability prior to Atlassian’s disclosure, however currently the ACSC is not aware of successful exploitation within Australia.
Mitigation / How do I stay secure?
Atlassian has released version updates (7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1) to fix the vulnerability. Atlassian recommends vendors upgrade Confluence immediately.
The ACSC recommends Atlassian Confluence Server and Data Centre users continue to monitor the Atlassian website for updates as well as future vulnerabilities.
