Threat Advisory

Atlassian Vulnerability CVE-2022-26134 Abused for More Critical Vulnerabilities

September 23, 2022 | By Accorian

On June 2nd, Atlassian released a security advisory for a critical remote code execution vulnerability that was discovered in Atlassian’s Confluence Server and Data Centre products. The vulnerability was rated a 9.8 CVSS score and was assigned CVE-2022-26134. Atlassian has already released a patch along with an advisory detailing the fixes necessary, on June 3rd. The threat actors are now leveraging the unpatched Atlassian Confluence servers to perform more malicious attacks like absolute Domain Takeover of the infrastructure, deployment of remote access trojans (RATs), information stealers, and ransomware. Installation of additional malicious payloads, including Kinsing, the Dark.IoT malware and unauthorized cryptocurrency mining are also observed recently. Accorian urges the users to prioritize patching this gap as soon as possible since it is easy to exploit it for other subsequent compromises. If it is not feasible to upgrade immediately, Atlassian has released several workarounds for different versions. The complete list can be found here.

Accorian can help identify this vulnerability in your environment. 

Source: CVE-2022-26134 Abused For More Critical Vulnerabilities | Atlassian

Threat Advisory Team 

Accorian

Recent Post

    Ready to Start?



      Ready to Start?



        Download Case study




          Download Guide




          Human Resources Director

          Posted On: 09 May, 2022

          Drop your CVs to joinourteam@accorian.com

            Interested Position

            First Name

            Last Name

            Email

            Total Experience

            Mobile Number

            Upload Resume