Categories: API Security

Update on the Confluence 0-day vulnerability (CVE-2022-26134)

We want to share this update regarding the critical Confluence 0-day vulnerability (CVE-2022-26134).

On June 02, 2022 Atlassian released a security advisory for their Confluence Server and Data Center applications, highlighting a critical severity unauthenticated remote code execution (RCE) vulnerability. Exploits are already publicly available and we expect this vulnerability to be heavily exploited in the wild.

We tested Wallarm’s attack detection against the known exploit and confirmed that exploitation attempts are successfully detected and blocked. No further action is required.

To mitigate the vulnerability while running in monitoring mode, it is recommended to create a virtual patch rule based on the Confluence recommendation. This rule blocks any request whose URI contains the string "${".

You can create the rule yourself using the regex below, or contact our support team if you would like us to create it for you. The regex: [$][{]
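As an added illustration (not code from this post or from Wallarm's product), the following Python snippet applies the regex above to request URIs from a few constructed request lines. Evaluating the percent-decoded form of the URI as well is an assumption of this example, added so that the rule is applied consistently to equivalent encodings; it is not stated in the post.

```python
import re
from urllib.parse import unquote

# The virtual-patch regex from the post: match a literal "${" anywhere in the URI.
BLOCK_PATTERN = re.compile(r"[$][{]")


def uri_matches_rule(uri: str) -> bool:
    """Return True if the virtual patch should act on this request URI.

    The pattern is checked against the URI as received and, as an added
    normalisation step (an assumption of this example, not part of the post),
    against its percent-decoded form, so that "%24%7B" is treated like "${".
    """
    return bool(BLOCK_PATTERN.search(uri) or BLOCK_PATTERN.search(unquote(uri)))


def classify_request_lines(lines):
    """Map each HTTP request line to (uri, blocked) using uri_matches_rule."""
    results = []
    for line in lines:
        parts = line.split(" ")
        if len(parts) < 2:
            continue  # not a well-formed "METHOD URI VERSION" line; skip it
        uri = parts[1]
        results.append((uri, uri_matches_rule(uri)))
    return results


# Constructed sample traffic for the demonstration (not captured data).
SAMPLE_REQUEST_LINES = [
    "GET /login.action HTTP/1.1",
    "GET /pages/viewpage.action?pageId=123 HTTP/1.1",
    "GET /${placeholder}/ HTTP/1.1",
    "GET /%24%7Bplaceholder%7D/ HTTP/1.1",
    "GET /rest/api/content?title=price${ HTTP/1.1",
]

if __name__ == "__main__":
    for uri, blocked in classify_request_lines(SAMPLE_REQUEST_LINES):
        print(f"{'BLOCK' if blocked else 'allow':5} {uri}")
```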

Feel free to reach out to support@wallarm.com if you need assistance.

Further updates will be published in Wallarm Changelog: https://changelog.wallarm.com
