Skip to main content

Critical Atlassian 0-day is under active exploit. You’re patched, right?

posted onJune 5, 2022
by l33tdawg
Arstechnica
Credit: Arstechnica

About this time last week, threat actors began quietly tapping a previously unknown vulnerability in Atlassian software that gave them almost complete control over a small number of servers. Since Thursday, active exploits of the vulnerability have mushroomed, creating a semi-organized frenzy among competing crime groups.

"It is clear that multiple threat groups and individual actors have the exploit and have been using it in different ways," said Steven Adair, president of Volexity, the security firm that discovered the zero-day vulnerability while responding to a customer's breach over the Memorial Day weekend. "Some are quite sloppy and others are a bit more stealth." His tweet came a day after his firm released the report detailing the vulnerability.

CVE-2022-26134, as the vulnerability is tracked, allows for unauthenticated remote code execution on servers running all supported versions of Confluence Server and Confluence Data Center. In its advisory, Volexity called the vulnerability "dangerous and trivially exploited." The vulnerability is likely also present in unsupported and long-term support versions, security firm Rapid7 said.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th