We want to share this update regarding the critical Confluence 0-day vulnerability (CVE-2022-26134).
On June 02, 2022 Atlassian released a security advisory for their Confluence Server and Data Center applications, highlighting a critical severity unauthenticated remote code execution (RCE) vulnerability. Exploits are already publicly available and we expect this vulnerability to be heavily exploited in the wild.
We tested Wallarm’s attack detection against the known exploit and confirmed that exploitation attempted are successfully detected and blocked. No further actions are required.
To mitigate the vulnerability when working in a monitoring mode, it’s recommended to create a virtual patch rule based on Confluence recommendation. This rule will block any requests that contain a string ${ in the URI.
You can create the rule by yourself using the example below or contact our support team in case you want us to create the rule. The regex: [$][{]
Feel free to reach out to support@wallarm.com if you need assistance.
Further updates will be published in Wallarm Changelog: https://changelog.wallarm.com
Your board wants AI. Your developers are building with it. Your budget committee is asking…
AI systems are no longer just isolated models responding to human prompts. In modern production…
Broken authorization is one of the most widely known API vulnerabilities. It features in the…
The shadow technology problem is getting worse. Over the past few years, organizations have scaled…
API security has been a growing concern for years. However, while it was always seen…
It’s an unusually cold winter morning in Houston, and Craig Riddell is settling into his…