Attackers Employ Public Exploits to Attack Atlassian Confluence Flaw

38
Attackers Employ Public Exploits to Attack Atlassian Confluence Flaw

Threat actors are pinning down a serious zero-day Remote Code Execution (RCE) weakness that affects all versions of a popular collaboration application used in cloud and hybrid server environments and enable for complete host takeover using publicly available vulnerabilities.

According to a blog post published last week by Volexity, researchers discovered the issue in Atlassian Confluence Server and Data Center software over the Memorial Day weekend after detecting unusual activity on two internet-facing web servers belonging to a client running the program.

The researchers traced the activity to a widely distributed public exploit for the vulnerability, CVE-2022-26134, and reported the problem to Atlassian. Many versions of the collaboration tool have the vulnerability unpatched, which could lead to a SolarWinds-style scenario.

Read More: https://threatpost.com/public-exploits-atlassian-confluence-flaw/179887/