Atlassian’s Confluence hit with critical remote code execution bugs

Fix includes updating to the latest version

The vulnerability affects versions 5.2, 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.8.0, 8.7.1, 8.9.0 of Confluence Data Center as well as Atlassian Server. Fixes for the flawed software are included in the versions 8.9.1, 8.5.9, and 7.19.22, patching all the affected versions.

“Atlassian recommends that Confluence Server customers upgrade to the latest version,” said Atlassian in the advisory. “If you are unable to do so, upgrade your instance to one of the specified supported fixed versions.”

Additionally, SonicWall has provided two Intrusion Prevention Signatures (IPS) signatures for customers to prepare against exploitation.

Recent Articles

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here