CVE-2022-26134

2022-05-3100:00:00

atlassian

www.cve.org

9.9 High

AI Score

Confidence

High

0.975 High

EPSS

Percentile

100.0%

JSON

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

CNA Affected

[
  {
    "product": "Confluence Data Center",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "next of 1.3.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.4.17",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.13.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.13.7",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.14.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.14.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.15.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.15.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.16.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.16.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.17.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.17.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.18.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.18.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Confluence Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "next of 1.3.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.4.17",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.13.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.13.7",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.14.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.14.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.15.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.15.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.16.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.16.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.17.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.17.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.18.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.18.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]