Detections
Analytics
Atlassian Confluence Namespace OGNL Injection
critical Web App Scanning Plugin ID 113248
Language:
Synopsis
Atlassian Confluence Namespace OGNL InjectionDescription
Atlassian Confluence Server and Data Center versions 1.3.x < 7.4.17, 7.13.x < 7.13.7, 7.14.x < 7.14.3, 7.15.x < 7.15.2, 7.16.x < 7.16.4, 7.17.x < 7.17.4 and 7.18.x < 7.18.1 suffer from an OGNL injection vulnerability by crafting a specific URL, allowing an unauthenticated attacker to perform a remote code execution on the target application.Solution
Update your Confluence installation to version 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 or 7.18.1. If the upgrade is not possible, apply the temporary mitigation provided in the vendor advisory.See Also
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
Plugin Details
Severity: Critical
ID: 113248
Type: remote
Family: Component Vulnerability
Published: 6/4/2022
Updated: 6/15/2022
Scan Template: basic, full, pci, scan
Risk Information
VPR
Risk Factor: Critical
Score: 9.7
CVSS v2
Risk Factor: High
Base Score: 7.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2022-26134
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score Source: CVE-2022-26134
Vulnerability Information
CPE: cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*
Exploit Available: true
CISA Known Exploited Vulnerability Due Dates: 6/6/2022
Reference Information
CVE: CVE-2022-26134
OWASP: 2010-A1, 2010-A6, 2013-A1, 2013-A5, 2013-A9, 2017-A1, 2017-A6, 2017-A9, 2021-A3, 2021-A5, 2021-A6
WASC: Application Misconfiguration, Improper Input Handling
CAPEC: 10, 101, 108, 120, 13, 135, 14, 24, 250, 267, 273, 28, 3, 34, 42, 43, 45, 46, 47, 51, 52, 53, 6, 64, 67, 7, 71, 72, 76, 78, 79, 8, 80, 83, 84, 9
DISA STIG: APSC-DV-002560, APSC-DV-002630
HIPAA: 164.306(a)(1), 164.306(a)(2)
ISO: 27001-A.14.2.5
NIST: sp800_53-CM-6b, sp800_53-SI-10
OWASP API: 2019-API7, 2019-API8, 2023-API8
OWASP ASVS: 4.0.2-14.2.1, 4.0.2-5.2.5