Atlassian Confluence Data Center Known Exploited Vulnerabilities - 20240130002
Overview
The WA SOC has been made aware of publicly available Proof of Concept (PoC) exploit code for a Server-Side Template Injection (SSTI) vulnerability in Confluence Data Center and Server. Successful exploitation does not require authentication and results in remote code execution (RCE) on the affected instance.
What is vulnerable?
Product(s) Affected | Affected Version(s) | Summary | Severity | CVSS |
---|---|---|---|---|
Confluence Data Center and Server | 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 | A template injection vulnerability on out-of-date versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected version. Customers using an affected version must take immediate action. | Critical | 9.8 |
Note: 7.19.x LTS versions are not affected by this vulnerability.
Recommendation
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected installations within the expected timeframe of one month... (refer Patch Management):
Immediately patch to the latest version
If you are on an out-of-date version, you must immediately patch. Atlassian recommends that you patch each of your affected installations to the latest version available. The listed Fixed Versions are no longer the most up-to-date and do not protect your instance from other non-critical vulnerabilities as outlined in Atlassian’s January Security Bulletin.
Product | Fixed Versions | Latest Versions |
---|---|---|
Confluence Data Center and Server | 8.5.4 (LTS) | 8.5.5 (LTS) |
Confluence Data Center | 8.6.0 (Data Center Only), 8.7.1 (Data Center Only) | 8.7.2 (Data Center Only) |
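To triage a fleet against the affected and fixed ranges in the two tables above, the following script classifies Confluence version strings as affected, fixed, not affected (7.19.x LTS), or unlisted (a version the advisory names in neither table, which should be checked against the vendor bulletin). It is an added example written for this page, not WA SOC or Atlassian code. It assumes a Confluence login page exposes its build in a `<meta name="ajs-version-number" ...>` tag (an assumption about the product; the sample HTML and inventory are constructed).

```python
"""Classify Confluence Data Center / Server versions against this advisory.

Added example, not vendor or WA SOC code. The affected/fixed ranges are
transcribed from the advisory tables; everything else is an assumption.
"""
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Transcribed from "What is vulnerable?": 8.0.x .. 8.4.x and 8.5.0 - 8.5.3.
AFFECTED_MINOR_SERIES = {0, 1, 2, 3, 4}
AFFECTED_85_RANGE = ((8, 5, 0), (8, 5, 3))

# Transcribed from "Fixed Versions": lowest fixed build in each series.
FIXED_FLOORS = [(8, 5, 4), (8, 6, 0), (8, 7, 1)]

# Transcribed from the note under the table: 7.19.x LTS is not affected.
UNAFFECTED_LTS_SERIES = (7, 19)

# Assumption: Confluence pages carry the build number in this meta tag.
VERSION_META_RE = re.compile(
    r'<meta\s+name="ajs-version-number"\s+content="([^"]+)"', re.IGNORECASE
)


def parse_version(text: str) -> Optional[Version]:
    """Parse 'major.minor[.patch]' into a tuple; None if it is not a version."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*", text)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def classify(version_text: str) -> str:
    """Return 'affected', 'fixed', 'not_affected', 'unlisted' or 'unparseable'."""
    v = parse_version(version_text)
    if v is None:
        return "unparseable"
    major, minor, _patch = v
    if (major, minor) == UNAFFECTED_LTS_SERIES:
        return "not_affected"
    if major == 8 and minor in AFFECTED_MINOR_SERIES:
        return "affected"
    if AFFECTED_85_RANGE[0] <= v <= AFFECTED_85_RANGE[1]:
        return "affected"
    # Fixed only if at or above a listed fixed build *within the same series*;
    # the advisory does not vouch for series it never mentions (e.g. 8.8.x).
    if any(v[:2] == floor[:2] and v >= floor for floor in FIXED_FLOORS):
        return "fixed"
    return "unlisted"


def version_from_html(html: str) -> Optional[str]:
    """Extract the version string from a fetched Confluence page (assumed tag)."""
    m = VERSION_META_RE.search(html)
    return m.group(1) if m else None


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host in an {host: version} inventory to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample page fragment, as an on-prem Confluence login page might
# serve it (the tag name is an assumption; the value is made up).
SAMPLE_HTML = (
    "<html><head><title>Log In - Confluence</title>"
    '<meta name="ajs-version-number" content="8.5.3">'
    "</head><body></body></html>"
)

# Constructed inventory for demonstration.
SAMPLE_INVENTORY = {
    "wiki-prod.example.internal": "8.5.3",
    "wiki-dr.example.internal": "8.4.5",
    "wiki-legacy.example.internal": "7.19.17",
    "wiki-new.example.internal": "8.7.2",
}


if __name__ == "__main__":
    print("from html:", version_from_html(SAMPLE_HTML),
          classify(version_from_html(SAMPLE_HTML) or ""))
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:32} {status}")
```

Hosts reported as "affected" need an immediate upgrade to the latest version in the table above; "unlisted" hosts are not cleared by this advisory and should be checked against the vendor's bulletin before being treated as safe.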
Mitigations
There are no known workarounds. To remediate this vulnerability, update each affected product installation to the latest version.