Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
Details
CISA date
2022-06-02
Affected versions
Confluence Server/Data Center
Summary
Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.
Remediation
Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.
Exploit info
No exploit-tagged NVD references in our cache; see the CISA KEV link below.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.