CVE-2022-26134 (GCVE-0-2022-26134)
Vulnerability from cvelistv5 – Published: 2022-06-03 21:51 – Updated: 2025-10-21 23:15
VLAI?
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Severity ?
9.8 (Critical)
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Affected:
next of 1.3.0 , < unspecified
(custom)
Affected: unspecified , < 7.4.17 (custom) Affected: 7.13.0 , < unspecified (custom) Affected: unspecified , < 7.13.7 (custom) Affected: 7.14.0 , < unspecified (custom) Affected: unspecified , < 7.14.3 (custom) Affected: 7.15.0 , < unspecified (custom) Affected: unspecified , < 7.15.2 (custom) Affected: 7.16.0 , < unspecified (custom) Affected: unspecified , < 7.16.4 (custom) Affected: 7.17.0 , < unspecified (custom) Affected: unspecified , < 7.17.4 (custom) Affected: 7.18.0 , < unspecified (custom) Affected: unspecified , < 7.18.1 (custom) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-26134",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:18:48.606174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-06-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-917",
"description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:38.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-06-02T00:00:00.000Z",
"value": "CVE-2022-26134 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T05:20:13.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2022-05-31T20:00:00",
"ID": "CVE-2022-26134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
},
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
"refsource": "MISC",
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2022-26134",
"datePublished": "2022-06-03T21:51:57.134Z",
"dateReserved": "2022-02-25T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:38.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2022-26134",
"cwes": "[\"CWE-917\"]",
"dateAdded": "2022-06-02",
"dueDate": "2022-06-06",
"knownRansomwareCampaignUse": "Known",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2022-26134",
"product": "Confluence Server/Data Center",
"requiredAction": "Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.",
"shortDescription": "Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.",
"vendorProject": "Atlassian",
"vulnerabilityName": "Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T04:56:37.787Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-26134\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T14:18:48.606174Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-06-02\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-06-02T00:00:00+00:00\", \"value\": \"CVE-2022-26134 added to CISA KEV\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-917\", \"description\": \"CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T14:18:15.568Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Atlassian\", \"product\": \"Confluence Data Center\", \"versions\": [{\"status\": \"affected\", \"version\": \"next of 1.3.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.4.17\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.13.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.13.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.14.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.14.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.15.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.15.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.16.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.16.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.17.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.17.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.18.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.18.1\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Atlassian\", \"product\": \"Confluence Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"next of 1.3.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.4.17\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.13.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.13.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.14.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.14.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.15.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.15.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.16.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.16.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.17.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.17.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.18.0\", \"lessThan\": \"unspecified\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"7.18.1\", \"versionType\": \"custom\"}]}], \"datePublic\": \"2022-05-31T00:00:00.000Z\", \"references\": [{\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"shortName\": \"atlassian\", \"dateUpdated\": \"2022-06-30T05:20:13.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"1.3.0\", \"version_affected\": \"\u003e\"}, {\"version_value\": \"7.4.17\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.13.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.13.7\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.14.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.14.3\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.15.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.15.2\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.16.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.16.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.17.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.17.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.18.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.18.1\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Confluence Data Center\"}, {\"version\": {\"version_data\": [{\"version_value\": \"1.3.0\", \"version_affected\": \"\u003e\"}, {\"version_value\": \"7.4.17\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.13.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.13.7\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.14.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.14.3\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.15.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.15.2\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.16.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.16.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.17.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.17.4\", \"version_affected\": \"\u003c\"}, {\"version_value\": \"7.18.0\", \"version_affected\": \"\u003e=\"}, {\"version_value\": \"7.18.1\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Confluence Server\"}]}, \"vendor_name\": \"Atlassian\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"name\": \"https://jira.atlassian.com/browse/CONFSERVER-79016\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"name\": \"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"name\": \"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"name\": \"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"name\": \"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-26134\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@atlassian.com\", \"DATE_PUBLIC\": \"2022-05-31T20:00:00\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-26134\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T18:46:18.689Z\", \"dateReserved\": \"2022-02-25T00:00:00.000Z\", \"assignerOrgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"datePublished\": \"2022-06-03T21:51:57.134Z\", \"assignerShortName\": \"atlassian\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…