CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jun 6, 2022

CVE-2022-26134

High

CVSS 9.8EPSS 94.4%CISA KEVPoC AvailableRansomware

Atlassian/Confluence Server/Data Center

Description

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

CVSS Score

9.8/ 10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS — Exploit Probability

94.4%

Higher than 100.0% of all CVEs

Weakness Classification (CWE)

CWE-917CWE-917MITRE

Known Exploits

POC

http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.htmlExploit http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.htmlExploit http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.htmlExploit http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.htmlExploit

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2022-26134

Risk Assessment

CRITICAL

In CISA KEV

Known exploit

Critical CVSS

High EPSS

Ransomware

Details

Severity: High
CVSS: 9.8
EPSS: 94.4%
CWE: CWE-917
Exploit: POC
CISA KEV: Yes
Ransomware: Known
Articles: 0

Timeline

Published

Jun 2, 2022

Added to KEV

Jun 2, 2022

Remediation Due

Jun 6, 2022

Affected Product

Atlassian

Confluence Server/Data Center

View all Atlassian CVEs

External Links

NVD (NIST)CVE Details MITRE CVE