JP Vossen via plug on 4 Jun 2022 13:28:37 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Critical Confluence Vulnerability

On 6/2/22 19:18, Chris Thistlethwaite via plug wrote:
This is a fun one,

Just shut down Confluence if you have it running.


Yeah, that was a good one; 10 out 10 for bad, "unauthenticated remote code execution" and there was no fix for a while, either unplug it from the internet or turn it off.

There are fixes now, and it turns out the flaw has been there for years:
	_The company has now released patches and advises all customers to upgrade their appliances to versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4, and 7.18.1, which contain a fix for this flaw._

--  -------------------------------------------------------------------
JP Vossen, CISSP | |
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --