// For flags

CVE-2022-26134

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

41
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

-
*SSVC
Descriptions

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

En las versiones afectadas de Confluence Server y Data Center, se presenta una vulnerabilidad de inyección OGNL que permitiría a un atacante no autenticado ejecutar código arbitrario en una instancia de Confluence Server o Data Center. Las versiones afectadas son 1.3.0 anteriores a 7.4.17, 7.13.0 anteriores a 7.13.7, 7.14.0 anteriores a 7.14.3, 7.15.0 anteriores a 7.15.2, 7.16.0 anteriores a 7.16.4, 7.17.0 anteriores a 7.17.4 y 7.18.0 anteriores a 7.18.1

Confluence suffers from a pre-authentication remote code execution vulnerability that is leveraged via OGNL injection. All 7.4.17 versions before 7.18.1 are affected.

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-02-25 CVE Reserved
  • 2022-06-02 Exploited in Wild
  • 2022-06-03 CVE Published
  • 2022-06-03 First Exploit
  • 2022-06-06 KEV Due Date
  • 2024-09-16 CVE Updated
  • 2024-11-02 EPSS Updated
CWE
  • CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CAPEC
References (48)
URL Tag Source
http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html Third Party Advisory
http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html Third Party Advisory
https://jira.atlassian.com/browse/CONFSERVER-79000?src=confmacro
https://gist.githubusercontent.com/bturner-r7/1d0b62fac85235b94f1c95cc4c03fcf3/raw/478e53b6f68b5150eefd53e0956f23d53618d250/confluence-exploit.py
https://attackerkb.com/topics/BH1D56ZEhs/cve-2022-26134/rapid7-analysis
URL Date SRC
https://github.com/Nwqda/CVE-2022-26134 2022-06-07
https://github.com/jbaines-r7/through_the_wire 2022-06-07
https://github.com/h3v0x/CVE-2022-26134 2022-06-07
https://www.exploit-db.com/exploits/50952 2022-06-10
https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL 2022-06-07
https://github.com/crowsec-edtech/CVE-2022-26134 2022-06-03
https://github.com/hev0x/CVE-2022-26134 2022-06-06
https://github.com/nxtexploit/CVE-2022-26134 2024-08-23
https://github.com/SNCKER/CVE-2022-26134 2022-06-18
https://github.com/AmoloHT/CVE-2022-26134 2022-06-19
https://github.com/abhishekmorla/CVE-2022-26134 2022-06-08
https://github.com/whokilleddb/CVE-2022-26134-Confluence-RCE 2022-07-24
https://github.com/kyxiaxiang/CVE-2022-26134 2022-06-04
https://github.com/cai-niao98/CVE-2022-26134 2022-06-09
https://github.com/Y000o/Confluence-CVE-2022-26134 2022-06-07
https://github.com/alcaparra/CVE-2022-26134 2022-06-07
https://github.com/shiftsansan/CVE-2022-26134-Console 2022-08-23
https://github.com/li8u99/CVE-2022-26134 2022-06-30
https://github.com/Vulnmachines/Confluence-CVE-2022-26134 2022-07-13
https://github.com/murataydemir/CVE-2022-26134 2022-06-14
https://github.com/offlinehoster/CVE-2022-26134 2022-06-03
https://github.com/keven1z/CVE-2022-26134 2022-07-25
https://github.com/Debajyoti0-0/CVE-2022-26134 2022-07-05
https://github.com/coskper-papa/CVE-2022-26134 2022-07-08
https://github.com/shamo0/CVE-2022-26134 2022-06-04
https://github.com/archanchoudhury/Confluence-CVE-2022-26134 2022-06-10
https://github.com/CatAnnaDev/CVE-2022-26134 2022-06-06
https://github.com/kh4sh3i/CVE-2022-26134 2022-06-21
https://github.com/Chocapikk/CVE-2022-26134 2022-10-19
https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB 2022-10-09
https://github.com/twoning/CVE-2022-26134-PoC 2022-07-14
https://github.com/b4dboy17/CVE-2022-26134 2022-10-24
https://github.com/ColdFusionX/CVE-2022-26134 2022-06-24
https://github.com/latings/CVE-2022-26134 2022-10-16
https://github.com/yTxZx/CVE-2022-26134 2023-10-20
https://github.com/acfirthh/CVE-2022-26134 2023-09-20
https://github.com/yigexioabai/CVE-2022-26134-cve1 2022-10-15
https://github.com/wjlin0/CVE-2022-26134 2022-12-26
https://github.com/Habib0x0/CVE-2022-26134 2022-06-07
http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html 2024-09-16
http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html 2024-09-16
URL Date SRC
https://jira.atlassian.com/browse/CONFSERVER-79016 2024-06-28
URL Date SRC
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html 2024-06-28
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Atlassian
Search vendor "Atlassian"
 Confluence Data Center
Search vendor "Atlassian" for product "Confluence Data Center"
 >= 1.3 < 7.4.17
Search vendor "Atlassian" for product "Confluence Data Center" and version " >= 1.3 < 7.4.17"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Data Center
Search vendor "Atlassian" for product "Confluence Data Center"
 >= 7.13.0 < 7.13.7
Search vendor "Atlassian" for product "Confluence Data Center" and version " >= 7.13.0 < 7.13.7"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Data Center
Search vendor "Atlassian" for product "Confluence Data Center"
 >= 7.14.0 < 7.14.3
Search vendor "Atlassian" for product "Confluence Data Center" and version " >= 7.14.0 < 7.14.3"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Data Center
Search vendor "Atlassian" for product "Confluence Data Center"
 >= 7.15.0 < 7.15.2
Search vendor "Atlassian" for product "Confluence Data Center" and version " >= 7.15.0 < 7.15.2"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Data Center
Search vendor "Atlassian" for product "Confluence Data Center"
 >= 7.16.0 < 7.16.4
Search vendor "Atlassian" for product "Confluence Data Center" and version " >= 7.16.0 < 7.16.4"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Data Center
Search vendor "Atlassian" for product "Confluence Data Center"
 >= 7.17.0 < 7.17.4
Search vendor "Atlassian" for product "Confluence Data Center" and version " >= 7.17.0 < 7.17.4"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Data Center
Search vendor "Atlassian" for product "Confluence Data Center"
 7.18.0
Search vendor "Atlassian" for product "Confluence Data Center" and version "7.18.0"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Server
Search vendor "Atlassian" for product "Confluence Server"
 >= 1.3 < 7.4.17
Search vendor "Atlassian" for product "Confluence Server" and version " >= 1.3 < 7.4.17"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Server
Search vendor "Atlassian" for product "Confluence Server"
 >= 7.13.0 < 7.13.7
Search vendor "Atlassian" for product "Confluence Server" and version " >= 7.13.0 < 7.13.7"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Server
Search vendor "Atlassian" for product "Confluence Server"
 >= 7.14.0 < 7.14.3
Search vendor "Atlassian" for product "Confluence Server" and version " >= 7.14.0 < 7.14.3"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Server
Search vendor "Atlassian" for product "Confluence Server"
 >= 7.15.0 < 7.15.2
Search vendor "Atlassian" for product "Confluence Server" and version " >= 7.15.0 < 7.15.2"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Server
Search vendor "Atlassian" for product "Confluence Server"
 >= 7.16.0 < 7.16.4
Search vendor "Atlassian" for product "Confluence Server" and version " >= 7.16.0 < 7.16.4"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Server
Search vendor "Atlassian" for product "Confluence Server"
 >= 7.17.0 < 7.17.4
Search vendor "Atlassian" for product "Confluence Server" and version " >= 7.17.0 < 7.17.4"
-
Affected
Atlassian
Search vendor "Atlassian"
 Confluence Server
Search vendor "Atlassian" for product "Confluence Server"
 7.18.0
Search vendor "Atlassian" for product "Confluence Server" and version "7.18.0"
-
Affected