[dupe] Atlassian Confluence Server CVE-2022-26134 being actively exploited in the wild (greynoise.io)
14 points by f0e4c2f7 on June 7, 2022 | 6 comments



This was extensively covered when it first broke:

https://news.ycombinator.com/item?id=31602288

https://www.volexity.com/blog/2022/06/02/zero-day-exploitati...

(this article seems like blogspam to me)


CVE only became public on Friday and is already being actively exploited.

More info about the CVE from Atlassian here.

https://confluence.atlassian.com/doc/confluence-security-adv...


That was how it was discovered in the first place:

https://news.ycombinator.com/item?id=31605665


> Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.

Prepare to wipe servers and start fresh!


Shoutout to Cloudflare for their quick WAF mitigation when this was discovered.


Not surprising considering this is trivial to exploit.



