Threat Advisory

Atlassian Vulnerability CVE-2022-26134 Abused for More Critical Vulnerabilities

September 23, 2022 | By Accorian

On June 2nd, Atlassian released a security advisory for a critical remote code execution vulnerability that was discovered in Atlassian’s Confluence Server and Data Centre products. The vulnerability was rated a 9.8 CVSS score and was assigned CVE-2022-26134. Atlassian has already released a patch along with an advisory detailing the fixes necessary, on June 3rd. The threat actors are now leveraging the unpatched Atlassian Confluence servers to perform more malicious attacks like absolute Domain Takeover of the infrastructure, deployment of remote access trojans (RATs), information stealers, and ransomware. Installation of additional malicious payloads, including Kinsing, the Dark.IoT malware and unauthorized cryptocurrency mining are also observed recently. Accorian urges the users to prioritize patching this gap as soon as possible since it is easy to exploit it for other subsequent compromises. If it is not feasible to upgrade immediately, Atlassian has released several workarounds for different versions. The complete list can be found here.

Accorian can help identify this vulnerability in your environment. 

Source: CVE-2022-26134 Abused For More Critical Vulnerabilities | Atlassian

Threat Advisory Team 

Accorian

Recent Post

Ready to Start?

Ready to Start?​


Drop your CVs to joinourteam@accorian.com

Interested Position

Download Case study

Download SOC2 Guide